4 matches found
GHSA-MHX2-R3JX-G94C Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object
Multiple XML external entity XXE vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML 1 String or 2 GenericFile object in an XPath query...
CVE-2015-0264
Multiple XML external entity XXE vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML 1 String or 2 GenericFile object in an XPath query...
CVE-2015-0264
Multiple XML external entity XXE vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML 1 String or 2 GenericFile object in an XPath query...
CVE-2015-0264
CVE-2015-0264: In Apache Camel, multiple XXE vulnerabilities exist in builder/xml/XPathBuilder.java that allow reading arbitrary files when processing invalid XML strings or GenericFile objects via an XML External Entity (XXE) declaration. Affected versions are Camel before 2.13.4 and 2.14.x befo...