6 matches found
Camel: remote code execution via header field manipulation
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...
Camel: remote code execution via header field manipulation
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...
Code injection
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...
CVE-2013-4330
CVE-2013-4330 is an Apache Camel remote code execution vulnerability caused by improper handling of the CamelFileName header when using FILE or FTP producers. Affected Camel core versions include 2.9.7 and earlier, as well as 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0, per the CVE des...
CVE-2013-4330
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...
PT-2013-4959 · Apache · Apache Camel
Name of the Vulnerable Software and Affected Versions: Apache Camel versions 2.9.0 through 2.9.6 Apache Camel versions 2.10.0 through 2.10.6 Apache Camel versions 2.11.0 through 2.11.1 Apache Camel version 2.12.0 Description: The issue allows remote attackers to execute arbitrary simple language...