Apache Software Foundation Camel 2.20.0

CPE Details

Apache Software Foundation Camel 2.20.0
apache
camel
2.20.0
2017-12-01
18h11 +00:00
2017-12-01
18h11 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:apache:camel:2.20.0:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

camel

Version

2.20.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-0188 2019-05-28 16h10 +00:00 Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
7.5
High
CVE-2018-8041 2018-09-17 14h00 +00:00 Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal.
5.3
Medium
CVE-2018-8027 2018-07-31 13h00 +00:00 Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
9.8
Critical
CVE-2017-12633 2017-11-15 15h00 +00:00 The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws.
9.8
Critical
CVE-2017-12634 2017-11-15 15h00 +00:00 The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws.
9.8
Critical