Описание
camel-ldap component allows LDAP Injection when using the filter option
The camel-ldap component allows LDAP Injection when using the filter option. Users are recommended to either move to the Camel-Spring-Ldap component (which is not affected) or upgrade to 3.14.6 or 3.18.4.
Пакеты
Наименование
org.apache.camel:camel-ldap
maven
Затронутые версииВерсия исправления
< 3.14.6
3.14.6
Наименование
org.apache.camel:camel-ldap
maven
Затронутые версииВерсия исправления
>= 3.15.0, < 3.18.4
3.18.4
Связанные уязвимости
redhat
около 3 лет назад
This flaw targets the camel-ldap package. According to the maintainers this CVE should be retracted soon.
nvd
около 3 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.