| Max CVSS | 7.5 | Min CVSS | 4.4 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-4330 | 6.8 |
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.
|
13-02-2023 - 04:46 | 04-10-2013 - 17:55 | |
| CVE-2014-0003 | 7.5 |
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
|
13-02-2023 - 00:29 | 21-03-2014 - 04:38 | |
| CVE-2013-4152 | 6.8 |
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF at
|
11-04-2022 - 17:36 | 23-01-2014 - 21:55 | |
| CVE-2013-2035 | 4.4 |
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with
|
18-01-2015 - 02:59 | 28-08-2013 - 23:55 |