Apache Camel vulnerabilities
2 known vulnerabilities affecting apache/apache_camel.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2019-0188HIGHCVSS 7.5vApache Camel versions prior to 2.24.02019-05-28
CVE-2019-0188 [HIGH] CWE-611 CVE-2019-0188: Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611)
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
cvelistv5nvd
CVE-2019-0194HIGHCVSS 7.5vCamel 2.21.0 to 2.21.3vCamel 2.22.0 to 2.22.2 and Camel 2.23.0 The unsupported Camel 2.x (2.19 and earlier) versions may be also affected.2019-04-30
CVE-2019-0194 [HIGH] CWE-22 CVE-2019-0194: Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2,
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
cvelistv5nvd