CVE-2019-0194

CWE-22 — Path Traversal7 documents7 sources

Severity

7.5HIGH

EPSS

2.4%

top 14.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Camel Apache Apache Camel

Timeline

PublishedApr 30

Latest updateMay 7

Description

Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶Mavenorg.apache.camel:camel-core2.21.0 — 2.21.5+2

▶NVDapache/camel2.0.0 — 2.19.0+3

▶CVEListV5apache/apache_camelCamel 2.21.0 to 2.21.3, Camel 2.22.0 to 2.22.2 and Camel 2.23.0 The unsupported Camel 2.x (2.19 and earlier) versions may be also affected.+1

🔴Vulnerability Details

OSV

Path Traversal in Apache Camel↗2019-05-02

▶

GHSA

Path Traversal in Apache Camel↗2019-05-02

▶

CVEList

CVE-2019-0194: Apache Camel's File is vulnerable to directory traversal↗2019-04-30

▶

📋Vendor Advisories

Red Hat

camel: Directory traversal in file producer↗2019-04-30

▶

Apache

Apache camel: CVE-2019-0194↗

▶

💬Community

Bugzilla

CVE-2019-0194 camel: Directory traversal in file producer↗2019-05-07

▶