Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update (RHBQ 3.8.5.GA)
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.5.GA). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products: * CVE-2024-29857 org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service * CVE-2024-30172 org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class * CVE-2024-30171 org.bouncycastle-bcprov-jdk18on: bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update (RHBQ 3.8.5.GA)
Description
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.5.GA). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products: * CVE-2024-29857 org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service * CVE-2024-30172 org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class * CVE-2024-30171 org.bouncycastle-bcprov-jdk18on: bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:4505
- Cve Count
- 3
- Additional Cves
- ["CVE-2024-30171","CVE-2024-30172"]
- Cvss Version
- null
Threat ID: 6a1df669e29bf47b5046245f
Added to database: 6/1/2026, 9:15:21 PM
Last updated: 6/1/2026, 9:16:17 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.