PT-2024-25823 · Apache · Apache Karaf Cave

Cigar · Published 2024-05-09 · Updated 2025-07-10 · CVE-2024-34365

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Apache Karaf Cave, all versions

Description

The issue is related to an Improper Input Validation vulnerability. This vulnerability only affects products that are no longer supported by the maintainer. Users are recommended to find an alternative or restrict access to the instance to trusted users.

Recommendations

As a temporary workaround, consider restricting access to the instance to trusted users until an alternative solution is found. Find an alternative to Apache Karaf Cave, as the project is retired and no fix will be released.

Fix

SSRF

RCE

Weakness Enumeration

Related Identifiers

CVE-2024-34365
GHSA-338X-HFX8-VX9X

Affected Products

Apache Karaf Cave