VYPR

Maven package

com.ritense.valtimo/inbox

pkg:maven/com.ritense.valtimo/inbox

Vulnerabilities (1)

  • CVE-2026-34164MedApr 16, 2026
    affected >= 13.0.0.RELEASE, < 13.22.0.RELEASEfixed 13.22.0.RELEASE

    Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox messages can contain highly sensitive information including personal data (PII),