Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache camel - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0263
XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allows remote malicious users to read arbitrary files via an external entity in an SAXSource.
Apache Camel 2.14.0
Apache Camel
Apache Camel 2.14.1
NA
CVE-2015-0264
Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allow remote malicious users to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an ...
Apache Camel 2.14.0
Apache Camel
Apache Camel 2.14.1
9.8
CVSSv3
CVE-2018-8027
Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
Apache Camel 2.21.0
Apache Camel
7.5
CVSSv3
CVE-2019-0194
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and previous versions) versions may be also affected.
Apache Camel
Apache Camel 2.23.0
3.3
CVSSv3
CVE-2023-34442
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. U...
Apache Camel 4.0.0
Apache Camel
5.3
CVSSv3
CVE-2018-8041
Apache Camel's Mail 2.20.0 up to and including 2.20.3, 2.21.0 up to and including 2.21.1 and 2.22.0 is vulnerable to path traversal.
Apache Camel
Apache Camel 2.22.0
7.5
CVSSv3
CVE-2020-11994
Server-Side Template Injection and arbitrary file disclosure on Camel templating components
Apache Camel
Apache Camel 2.25.0
Apache Camel 2.25.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Diameter Signaling Router
8.1
CVSSv3
CVE-2020-5529
HtmlUnit before 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rh...
Htmlunit Htmlunit
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Apache Camel -
1 Github repository
9.8
CVSSv3
CVE-2020-11973
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
Apache Camel
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Diameter Signaling Router
9.8
CVSSv3
CVE-2020-11972
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
Apache Camel
Oracle Communications Diameter Signaling Router
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »