When running vertx web applications that serve files using StaticHandler on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard (*) then an attacker can exfiltrate any class path resource.
This issue has been addressed in the following products: RHINT Camel-Springboot 3.20.1.P1 Via RHSA-2023:3740 https://access.redhat.com/errata/RHSA-2023:3740
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-24815
This issue has been addressed in the following products: Cryostat 2 on RHEL 8 Via RHSA-2023:7669 https://access.redhat.com/errata/RHSA-2023:7669