CVE-2014-0003

Currently unrated

Key Information:

Vendor: Apache
Status: Camel
Vendor: CVE Published:; 21 March 2014

Summary

The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.

References

http://secunia.com/advisories/57125

third-party-advisoryx_refsource_SECUNIA

http://rhn.redhat.com/errata/RHSA-2014-0254.html

vendor-advisoryx_refsource_REDHAT

http://rhn.redhat.com/errata/RHSA-2014-0371.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 21, 2014
Vulnerability Reserved
Dec 3, 2013