The Camel PMC is pleased to announce the release of Apache Camel 3.18.0 (LTS).
Apache Camel is an open source integration framework that empowers you
to quickly and easily integrate various systems consuming or producing
data.
This release is a LTS release and contains 117 bug fixes and
Severity: Moderate
Description:
Apache Commons Configuration performs variable interpolation, allowing
properties to be dynamically evaluated and expanded. The standard format for
interpolation is "${prefix:name}", where "prefix" is used to locate an instance
of
Description:
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata
information related to datasets they have no permission on. This metadata
included the dataset name, columns and metrics.
Mitigation:
Upgrade to 1.5.1 or higher
Credit:
Apache Superset would like to
Severity: moderate
Description:
** UNSUPPORTED WHEN ASSIGNED ** Apache Jetspeed-2 does not sufficiently filter
untrusted user input by default leading to a number of issues including XSS,
CSRF, XXE, and SSRF. Setting the configuration option "xss.filter.post = true"
may mitigate these