Описание
Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| JBoss Developer Studio 11 | camel-core | Not affected | ||
| Red Hat Fuse 7 | camel-core | Not affected | ||
| Red Hat JBoss A-MQ 6 | camel-core | Will not fix | ||
| Red Hat JBoss BRMS 5 | camel-core | Out of support scope | ||
| Red Hat JBoss BRMS 6 | camel-core | Out of support scope | ||
| Red Hat JBoss Data Grid 7 | camel-core | Not affected | ||
| Red Hat JBoss Data Virtualization 6 | camel-core | Out of support scope | ||
| Red Hat JBoss Fuse 6 | camel-core | Will not fix | ||
| Red Hat JBoss Fuse Service Works 6 | camel-core | Will not fix | ||
| Red Hat JBoss SOA Platform 4 | camel-core | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-611
https://bugzilla.redhat.com/show_bug.cgi?id=1611632camel-core: XXE in XSD validation processor
EPSS
Процентиль: 86%
0.02968
Низкий
7.4 High
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 7 лет назад
Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
CVSS3: 9.8
github
больше 7 лет назад
Apache is vulnerable to XXE in XSD validation processor
EPSS
Процентиль: 86%
0.02968
Низкий
7.4 High
CVSS3