Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-20630

CVE-2024-25710, CVE-2024-26308 - Vulnerabilities with Camel-zip-deflater-starter maven dependency

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Not A Bug
    • 3.22.1
    • 3.21.5, 3.22.2
    • None
    • None
    • Unknown

    Description

      Hi,

       

      We have couple of vulnerabilities CVE-2024-25710, CVE-2024-26308 with 'Camel-zip-deflater'. These vulnerabilities are from org.apache.commons:commons-compress.1.21.jar, need to upgrade to 1.26.0.

      Is there any plan to release a new patch version on 3.22 with the fix?

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. CAMEL-19229 camel-tarfile: Common compress 1.23 is causing test failures

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              Sasikumarms Sasikumar Muthukrishnan Sampath
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: