CVE-2019-0194 – org.apache.camel:camel-core

Package

Manager: maven
Name: org.apache.camel:camel-core
Vulnerable Version: >=2.21.0 <2.21.5 || >=2.22.0 <2.22.3 || =2.23.0 || >=2.23.0 <2.23.1

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.02369 pctl0.84359

Details

Path Traversal in Apache Camel Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.

Metadata

Created: 2019-05-02T15:21:34Z
Modified: 2022-11-17T17:45:21Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/05/GHSA-4wjq-69rc-8wcp/GHSA-4wjq-69rc-8wcp.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-4wjq-69rc-8wcp
Finding: F063
Auto approve: 1