8 matches found
EUVD-2018-0700
Malware in sbrugna...
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.
Description: The Validation Component of Apache Camel evaluates DTD headers of XML stream sources, although a validation against XML schemas XSD is executed. Remote attackers can use this feature to make Server-Side Request Forgery SSRF attacks by sending XML documents with remote DTDs URLs or XM...
GHSA-VQ9J-JH62-5HMP Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.
Description: The Validation Component of Apache Camel evaluates DTD headers of XML stream sources, although a validation against XML schemas XSD is executed. Remote attackers can use this feature to make Server-Side Request Forgery SSRF attacks by sending XML documents with remote DTDs URLs or XM...
CVE-2017-5643
It was found that Apache Camel's validation component evaluates DTD headers of XML stream sources, although a validation against XML schemas XSD is executed. Remote attackers can use this feature to make Server-Side Request Forgery SSRF attacks by sending XML documents with remote DTDs URLs or XM...
Server side request forgery (ssrf)
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE...
CVE-2017-5643
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE...
CVE-2017-5643
The CVE-2017-5643 issue affects Apache Camel’s Validation Component, which is vulnerable to SSRF via remote DTDs and XML External Entities (XXE) in XML streams. The vulnerability arises when the component processes DTDs/XXEs, allowing remote resources to be fetched. Impact details in connected do...
CVE-2017-5643
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE...