Critical severityNVD Advisory· Published May 9, 2024· Updated Feb 13, 2025
Apache Karaf Cave: Cave SSRF and arbitrary file access
CVE-2024-34365
Description
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.karaf:caveMaven | <= 4.1.2 | — |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-338x-hfx8-vx9xghsaADVISORY
- karaf.apache.org/security/cve-2024-34365.txtghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2024-34365ghsaADVISORY
- www.openwall.com/lists/oss-security/2024/05/09/5ghsaWEB
News mentions
0No linked articles in our index yet.