XML External Entity Vulnerabilities in Apache Camel
CVE-2015-0264

Currently unrated

Key Information:

Vendor

Apache
Status
Camel
Vendor
CVE Published:
3 June 2015

What is CVE-2015-0264?

Multiple XML External Entity (XXE) vulnerabilities exist in Apache Camel's XPath processing. These vulnerabilities allow remote attackers to exploit improperly handled XML inputs, which may enable them to read arbitrary files on the server. The exploitation occurs through the manipulation of external entities in invalid XML structures, specifically within String or GenericFile objects. Affected users should update to the latest versions to mitigate these security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://rhn.redhat.com/errata/RHSA-2015-1539.html
vendor-advisoryx_refsource_REDHAT
http://securitytracker.com/id/1032442
vdb-entryx_refsource_SECTRACK
https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=c...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.