CVE-2019-0188
published 2019-05-28CVE-2019-0188: Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | apache_camel | — | — |
| apache | camel | < 2.24.0 | 2.24.0 |
| apache | camel | — | — |
| oracle | enterprise_data_quality | — | — |
| oracle | enterprise_manager_base_platform | — | — |
| oracle | enterprise_manager_base_platform | — | — |
| oracle | enterprise_repository | — | — |
| oracle | flexcube_private_banking | — | — |
| oracle | flexcube_private_banking | — | — |