pkg:maven/org.apache.camel/camel-core
Type
maven
Namespace
org.apache.camel
Name
camel-core
Known advisories, vulnerabilities and fixes for org.apache.camel/camel-core package.
Critical
1
High
6
Moderate
3
Low
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | >= 2.12.0, < 2.12.3 < 2.11.4 |
CVE-2014-0002
|
 MAVEN:GHSA-2FW5-RVF2-JQ56
|
Apache Camel's XSLT component allows remote attackers to read arbitrary files | high |
2018-10-16T23:13:26
(6 years ago) |
|
| Fixed | = 2.12.3 = 2.11.4 |
CVE-2014-0002
|
MAVEN:GHSA-2FW5-RVF2-JQ56
|
Apache Camel's XSLT component allows remote attackers to read arbitrary files | high |
2018-10-16T23:13:26
(6 years ago) |
|
| Affected | >= 2.14.0, < 2.14.2 < 2.13.4 |
CVE-2015-0263
|
MAVEN:GHSA-3HRC-F439-727G
|
Apache Camel XML External Entity vulnerability | moderate |
2018-10-16T23:08:43
(6 years ago) |
|
| Fixed | = 2.14.2 = 2.13.4 |
CVE-2015-0263
|
MAVEN:GHSA-3HRC-F439-727G
|
Apache Camel XML External Entity vulnerability | moderate |
2018-10-16T23:08:43
(6 years ago) |
|
| Affected | = 2.23.0 >= 2.22.0, < 2.22.3 >= 2.21.0, <= 2.21.3 |
CVE-2019-0194
|
MAVEN:GHSA-4WJQ-69RC-8WCP
|
Path Traversal in Apache Camel | high |
2019-05-02T15:21:34
(5 years ago) |
|
| Fixed | = 2.23.1 = 2.22.3 = 2.21.5 |
CVE-2019-0194
|
MAVEN:GHSA-4WJQ-69RC-8WCP
|
Path Traversal in Apache Camel | high |
2019-05-02T15:21:34
(5 years ago) |
|
| Affected | = 2.21.0 >= 2.20.0, < 2.20.4 |
CVE-2018-8027
|
MAVEN:GHSA-8VFM-4388-6RPC
|
Apache is vulnerable to XXE in XSD validation processor | critical |
2018-10-16T23:06:25
(6 years ago) |
|
| Fixed | = 2.21.1 = 2.20.4 |
CVE-2018-8027
|
MAVEN:GHSA-8VFM-4388-6RPC
|
Apache is vulnerable to XXE in XSD validation processor | critical |
2018-10-16T23:06:25
(6 years ago) |
|
| Affected | >= 2.12.0, < 2.12.3 >= 2.11.0, < 2.11.4 |
CVE-2014-0003
|
MAVEN:GHSA-H6RP-8V4J-HWPH
|
Apache Camel's XSLT component allows remote attackers to execute arbitrary Java methods | high |
2018-10-16T23:13:49
(6 years ago) |
|
| Fixed | = 2.12.3 = 2.11.4 |
CVE-2014-0003
|
MAVEN:GHSA-H6RP-8V4J-HWPH
|
Apache Camel's XSLT component allows remote attackers to execute arbitrary Java methods | high |
2018-10-16T23:13:49
(6 years ago) |
|
| Affected | < 2.24.0 |
CVE-2019-0188
|
MAVEN:GHSA-H896-MX9X-G32G
|
XML External Entity injection in Apache Camel | high |
2019-05-29T18:15:50
(5 years ago) |
|
| Fixed | = 2.24.0 |
CVE-2019-0188
|
MAVEN:GHSA-H896-MX9X-G32G
|
XML External Entity injection in Apache Camel | high |
2019-05-29T18:15:50
(5 years ago) |
|
| Affected | < 3.2.0 |
CVE-2020-11971
|
MAVEN:GHSA-HFG5-XPVW-C9X4
|
Improper Input Validation in Apache Camel | high |
2021-05-21T19:20:30
(3 years ago) |
|
| Fixed | = 3.2.0 |
CVE-2020-11971
|
MAVEN:GHSA-HFG5-XPVW-C9X4
|
Improper Input Validation in Apache Camel | high |
2021-05-21T19:20:30
(3 years ago) |
|
| Affected | >= 2.14.0, < 2.14.2 < 2.13.4 |
CVE-2015-0264
|
MAVEN:GHSA-MHX2-R3JX-G94C
|
Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object | moderate |
2018-10-16T23:09:15
(6 years ago) |
|
| Fixed | = 2.14.2 = 2.13.4 |
CVE-2015-0264
|
MAVEN:GHSA-MHX2-R3JX-G94C
|
Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object | moderate |
2018-10-16T23:09:15
(6 years ago) |
|
| Affected | >= 4.1.0, < 4.4.0 >= 4.0.0, < 4.0.4 = 3.22.0 >= 3.21.0, < 3.21.4 |
CVE-2024-22371
|
MAVEN:GHSA-QPXM-689R-3849
|
Apache Camel data exposure vulnerability | low |
2024-02-26T18:30:30
(6 months ago) |
|
| Fixed | = 4.4.0 = 4.0.4 = 3.22.1 = 3.21.4 |
CVE-2024-22371
|
MAVEN:GHSA-QPXM-689R-3849
|
Apache Camel data exposure vulnerability | low |
2024-02-26T18:30:30
(6 months ago) |
|
| Affected | >= 2.18.0, < 2.18.2 < 2.17.6 |
CVE-2017-5643
|
MAVEN:GHSA-VQ9J-JH62-5HMP
|
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE. | high |
2018-10-16T23:13:11
(6 years ago) |
|
| Fixed | = 2.18.2 = 2.17.6 |
CVE-2017-5643
|
MAVEN:GHSA-VQ9J-JH62-5HMP
|
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE. | high |
2018-10-16T23:13:11
(6 years ago) |
|
| Affected | = 2.12.0 >= 2.11.0, < 2.11.2 >= 2.10.0, < 2.10.7 < 2.9.7 |
CVE-2013-4330
|
MAVEN:GHSA-X9FV-C87W-55WC
|
Improper Control of Generation of Code in Apache Camel | moderate |
2022-05-13T01:26:34
(2 years ago) |
|
| Fixed | = 2.12.1 = 2.11.2 = 2.10.7 = 2.9.7 |
CVE-2013-4330
|
MAVEN:GHSA-X9FV-C87W-55WC
|
Improper Control of Generation of Code in Apache Camel | moderate |
2022-05-13T01:26:34
(2 years ago) |