An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products: * CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in * CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in * CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in * CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in * CVE-2024-45294 ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in * CVE-2024-8391 io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size * CVE-2024-8391 io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size * CVE-2024-32007 org.apache.cxf/cxf-rt-rs-security-jose: apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE * CVE-2024-41172 org.apache.cxf/cxf-rt-transports-https: unrestricted memory consumption in CXF HTTP clients * CVE-2024-35255 com.azure/azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in…Read More
References
Back to Main