drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Red Hat Build of Apache Camel 4.8 for Quarkus
| Name: |
Ausführen beliebiger Kommandos in Red Hat Build of Apache Camel 4.8 for Quarkus |
|
| ID: |
RHSA-2025:3091 |
|
| Distribution: |
Red Hat |
|
| Plattformen: |
Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 |
|
| Datum: |
Fr, 21. März 2025, 06:21 |
|
| Referenzen: |
https://access.redhat.com/errata/RHSA-2025:3091
https://access.redhat.com/security/cve/CVE-2025-27636
https://bugzilla.redhat.com/show_bug.cgi?id=2350682 |
|
| Applikationen: |
Red Hat Build of Apache Camel 4.8 for Quarkus |
|
Originalnachricht |
An update for Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now
available (RHBQ 3.15.3.SP2).
The purpose of this text-only errata is to inform you about the enhancements
that improve your developer experience and ensure the security and stability of your products.
Red Hat Product Security has rated this update as having a security impact of
Moderate.
An update for Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now
available (RHBQ 3.15.3.SP2).
The purpose of this text-only errata is to inform you about the enhancements
that improve your developer experience and ensure the security and stability of your products:
* org.apache.camel/camel-http-base: bypass of header filters via specially
crafted response (CVE-2025-27636)
* org.apache.camel/camel-http: bypass of header filters via specially crafted response (CVE-2025-27636)
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2025-27636: Improper Neutralization of HTTP Headers for Scripting Syntax
(CWE-644)
|
|
|
|
