Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
26 lines (18 sloc) 1005 Bytes
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
CVE-2019-0188: Apache Camel-XMLJson vulnerable to XML external entity injection (XXE)
Severity: MEDIUM
Vendor: The Apache Software Foundation
Versions Affected: Apache Camel versions prior to 2.24.0
Description: Apache Camel provided contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
Mitigation: Update to version 2.24.0
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAEBAgAGBQJc57YJAAoJEONOnzgC/0EAI1oIAITlFL/xUHp0rEn5WaRoCbGE
49ZYJ2/bwK94se0KMhT5VqF6mYf1BWMSVzrczN+Qm8bEb1tQPDZFnTUe0hUjMN61
tJpGK1UPCOUm3rBVSmrkbYclBVCBgxIEjfeP7SAtBXZSQ7/SHLBG8OQWRur7CPml
6qtDt9WqIV0da9hJgP2n0YExqyfbCb0IZkvo23DWlzAHZ0LCVc7V/lDqGG1cWsZw
gEMtUfbaz4533vr5+LgST3z7AbnMBpk2P29/9M7Z3wOxtS2Ne6aw/ooJfRh/HJ5k
sw4jNQ/4txaha4BszSH9Ibdm0nMyzlmv0u8nONM0X2hhxasybMXIdPlTJh308BU=
=w7Pn
-----END PGP SIGNATURE-----
You can’t perform that action at this time.