4 matches found
GHSA-MHX2-R3JX-G94C Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object
Multiple XML external entity XXE vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML 1 String or 2 GenericFile object in an XPath query...
CVE-2015-0264
Multiple XML external entity XXE vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML 1 String or 2 GenericFile object in an XPath query...
CVE-2015-0264
CVE-2015-0264: In Apache Camel, multiple XXE vulnerabilities exist in builder/xml/XPathBuilder.java that allow reading arbitrary files when processing invalid XML strings or GenericFile objects via an XML External Entity (XXE) declaration. Affected versions are Camel before 2.13.4 and 2.14.x befo...
CVE-2015-0264
Multiple XML external entity XXE vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML 1 String or 2 GenericFile object in an XPath query...