Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
camel vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-0263
XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allows remote malicious users to read arbitrary files via an external entity in an SAXSource.
Apache Camel 2.14.0
Apache Camel
Apache Camel 2.14.1
445
VMScore
CVE-2015-0264
Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allow remote malicious users to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an ...
Apache Camel 2.14.0
Apache Camel
Apache Camel 2.14.1
NA
CVE-2023-34442
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. U...
Apache Camel 4.0.0
Apache Camel
668
VMScore
CVE-2018-8027
Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
Apache Camel 2.21.0
Apache Camel
445
VMScore
CVE-2018-8041
Apache Camel's Mail 2.20.0 up to and including 2.20.3, 2.21.0 up to and including 2.21.1 and 2.22.0 is vulnerable to path traversal.
Apache Camel
Apache Camel 2.22.0
445
VMScore
CVE-2019-0194
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and previous versions) versions may be also affected.
Apache Camel
Apache Camel 2.23.0
445
VMScore
CVE-2020-11994
Server-Side Template Injection and arbitrary file disclosure on Camel templating components
Apache Camel
Apache Camel 2.25.0
Apache Camel 2.25.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Diameter Signaling Router
NA
CVE-2022-0084
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an malicious user to send flawed requests to a server, possibly causing log contention-related performance concern...
Redhat Single Sign-on 7.0
Redhat Integration Camel K -
Redhat Integration Camel Quarkus -
Redhat Xnio
NA
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Postgresql Postgresql
Fedoraproject Fedora 8
Redhat Enterprise Linux 8.0
Redhat Integration Service Registry -
Redhat Integration Camel K -
Redhat Integration Camel Quarkus -
NA
CVE-2022-4244
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolu...
Codehaus-plexus Project Codehaus-plexus
Redhat Integration Camel K
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »