Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5344 | 1 Apache | 1 Camel | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request. | |||||
| CVE-2015-0263 | 1 Apache | 1 Camel | 2024-02-04 | 5.0 MEDIUM | N/A |
| XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allows remote attackers to read arbitrary files via an external entity in an SAXSource. | |||||
| CVE-2015-0264 | 1 Apache | 1 Camel | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query. | |||||