Page History

2019

• CVE-2019-0188 - Apache Camel-XMLJson vulnerable to XML external entity injection (XXE)
• CVE-2019-0194 - Apache Camel's File is vulnerable to directory traversal

2018

• CVE-2018-8041 - Apache Camel's Mail is vulnerable to path traversal
• CVE-2018-8027 - Apache Camel's Core is vulnerable to XXE in XSD validation processor

2017

• CVE-2017-12634 - Apache Camel's Castor unmarshalling operation is vulnerable to Remote Code Execution attacks
• CVE-2017-12633 - Apache Camel's Hessian unmarshalling operation is vulnerable to Remote Code Execution attacks
• CVE-2017-5643 - Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE
• CVE-2017-3159 - Apache Camel's Snakeyaml unmarshalling operation is vulnerable to Remote Code Execution attacks

...

• CVE-2013-4330 - Writing files using FILE or FTP components, can potentially be exploited by a malicious user.

...