CVE-2024-34365 – Apache Karaf Cave: Cave SSRF and arbitrary file access

https://notcve.org/view.php?id=CVE-2024-34365

Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vulnerabilidad de validación de entrada incorrecta en Apache Karaf Cave. Este problema afecta a todas las versiones de Apache Karaf Cave. Como este proyecto está retirado, no planeamos lanzar una versión que solucione este problema. • http://www.openwall.com/lists/oss-security/2024/05/09/5 https://karaf.apache.org/security/cve-2024-34365.txt • CWE-20: Improper Input Validation •