Описание
Path Traversal in Apache Camel
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-0194
- https://github.com/apache/camel/pull/2700
- https://issues.apache.org/jira/browse/CAMEL-13042
- https://lists.apache.org/thread.html/0a163d02169d3d361150e8183df4af33f1a3d8a419b2937ac8e6c66f@%3Cusers.camel.apache.org%3E
- https://lists.apache.org/thread.html/45e23ade8d3cb754615f95975e89e8dc73c59eeac914f07d53acbac6@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/a39441db574ee996f829344491b3211b53c9ed926f00ae5d88943b76@%3Cdev.camel.apache.org%3E
- https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E
- http://www.openwall.com/lists/oss-security/2019/04/30/2
Пакеты
Наименование
org.apache.camel:camel-core
maven
Затронутые версииВерсия исправления
>= 2.21.0, <= 2.21.3
2.21.5
Наименование
org.apache.camel:camel-core
maven
Затронутые версииВерсия исправления
>= 2.22.0, < 2.22.3
2.22.3
Наименование
org.apache.camel:camel-core
maven
Затронутые версииВерсия исправления
= 2.23.0
2.23.1
Связанные уязвимости
CVSS3: 6.2
redhat
почти 7 лет назад
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
CVSS3: 7.5
nvd
почти 7 лет назад
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.