ID CVE-2019-0188
Summary Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
References
Vulnerable Configurations
  • cpe:2.3:a:apache:camel:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.3.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.3.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.3.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.3.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.3.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.3.0:rc5:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.3.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.4.0:-:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.4.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.4.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.4.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.4.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.4.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.4.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.4.0:rc5:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.4.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.5.0:-:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.5.0:-:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.5.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.5.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.5.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.5.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.0:-:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.0:-:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:1.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:1.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:m1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:m1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:m2:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:m2:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:m3:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:m3:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:milestone3:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:milestone3:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.10.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.13.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.13.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.13.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.15.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.15.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.16.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.16.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.17.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.17.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.18.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.18.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.18.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.18.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.18.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.18.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.19.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.19.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.19.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.20.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.20.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.20.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.20.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.20.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.20.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.21.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.21.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.21.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.22.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.22.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.22.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.22.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.22.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.22.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.22.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.22.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.22.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.23.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.23.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.23.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.23.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.23.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:camel:2.23.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:camel:2.23.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_data_quality:11.1.1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_data_quality:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 15-03-2021 - 18:25)
Impact:
Exploitability:
CWE CWE-611
CAPEC
  • XML External Entities Blowup
    This attack takes advantage of the entity replacement property of XML where the value of the replacement is a URI. A well-crafted XML document could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 108422
confirm https://github.com/apache/camel/blob/master/docs/user-manual/en/security-advisories/CVE-2019-0188.txt.asc
jvn JVN#71498764
misc
mlist
  • [activemq-issues] 20190723 [jira] [Created] (AMQ-7249) Security Vulnerabilities in the ActiveMQ dependent jars.
  • [camel-users] 20190524 [SECURITY][ERRATA-CORRIGE] New security advisory CVE-2019-0188 released for Apache Camel
  • [oss-security] 20190524 [SECURITY][ERRATA-CORRIGE] New security advisory CVE-2019-0188 released for Apache Camel
  • [tamaya-commits] 20190607 [GitHub] [incubator-tamaya-sandbox] ottlinger commented on issue #30: TAMAYA-410 bump camel-core version past CVE-2019-0188
  • [tamaya-commits] 20190607 [GitHub] [incubator-tamaya-sandbox] peculater merged pull request #30: TAMAYA-410 bump camel-core version past CVE-2019-0188
  • [tamaya-commits] 20190607 [GitHub] [incubator-tamaya-sandbox] peculater opened a new pull request #30: TAMAYA-410 bump camel-core version past CVE-2019-0188
  • [tamaya-commits] 20190607 [incubator-tamaya-sandbox] branch master updated: TAMAYA-410 bump camel-core version past CVE-2019-0188
  • [tamaya-dev] 20190607 [jira] [Closed] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188
  • [tamaya-dev] 20190607 [jira] [Commented] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188
  • [tamaya-dev] 20190607 [jira] [Created] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188
Last major update 15-03-2021 - 18:25
Published 28-05-2019 - 19:29
Last modified 15-03-2021 - 18:25
Back to Top