XML External Entity Vulnerability in Apache Camel Products
CVE-2014-0002

Currently unrated

Key Information:

Vendor

Apache
Status
Camel
Vendor
CVE Published:
21 March 2014

What is CVE-2014-0002?

The XSLT component in Apache Camel versions prior to 2.11.4 and 2.12.x before 2.12.3 is susceptible to an XML External Entity (XXE) vulnerability. This flaw permits remote attackers to exploit the system by crafting a malicious XML document that includes external entity declarations. Such exploitation can lead to unauthorized file reading and other undefined impacts, potentially compromising sensitive information or leading to further attacks on the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/57125
third-party-advisoryx_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2014-0371.html
vendor-advisoryx_refsource_REDHAT
http://camel.apache.org/security-advisories.data/CVE-2014...
x_refsource_CONFIRM

EPSS Score

28% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.