Apache Camel before 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache camel |
||
oracle enterprise data quality 11.1.1.9.0 |
||
oracle enterprise manager base platform 13.3.0.0 |
||
oracle enterprise manager base platform 13.4.0.0 |
||
oracle flexcube private banking 12.0.0 |
||
oracle flexcube private banking 12.1.0 |
||
oracle enterprise repository 12.1.3.0.0 |