RHSA-2022:8902: Moderate: Red Hat Camel for Spring Boot 3.18.3 release and security update
This release of Camel for Spring Boot 3.18.3 serves as a replacement for Camel for Spring Boot 3.14.2 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.Security Fix(es): commons-text: apache-commons-text: variable interpolation (CVE-2022-42889) org.eclipse.milo-sdk-server: sdk-server: Denial of Service (CVE-2022-25897) reactor-netty-http: Log request headers in some cases of invalid HTTP requests (CVE-2022-31684) For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:8902?
The severity of RHSA-2022:8902 is designed to address vulnerabilities that may impact the security and stability of affected systems.
What vulnerabilities are addressed in RHSA-2022:8902?
RHSA-2022:8902 addresses vulnerabilities related to the apache-commons-text components.
How do I fix RHSA-2022:8902?
To fix RHSA-2022:8902, users should update to Camel for Spring Boot version 3.18.3 or later.
Is RHSA-2022:8902 applicable to all users?
RHSA-2022:8902 is applicable only to users running versions of Camel for Spring Boot affected by the identified vulnerabilities.
Can RHSA-2022:8902 affect application performance?
Yes, vulnerabilities addressed in RHSA-2022:8902 can potentially impact application performance if not resolved.