[MAVEN:GHSA-338X-HFX8-VX9X] Apache Karaf Cave: Cave SSRF and arbitrary file access

Severity Critical
Affected Packages 1
CVEs 1

This issue affects all versions of Apache Karaf Cave.

As this project is retired, there are no plans to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Package Affected Version
pkg:maven/org.apache.karaf/cave <= 4.1.2
ID
MAVEN:GHSA-338X-HFX8-VX9X
Severity
critical
URL
https://github.com/advisories/GHSA-338x-hfx8-vx9x
Published
2024-05-14T18:30:50
(8 days ago)
Modified
2024-05-14T21:37:06
(8 days ago)
Rights
Maven Security Team
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:maven/org.apache.karaf/cave org.apache.karaf cave <= 4.1.2
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...