Vulnerabilities > Apache > Camel > 2.22.2

DATE CVE VULNERABILITY TITLE RISK
2020-07-08 CVE-2020-11994 Injection vulnerability in multiple products
Server-Side Template Injection and arbitrary file disclosure on Camel templating components
network
low complexity
apache oracle CWE-74
7.5
7.5
2020-05-14 CVE-2020-11973 Deserialization of Untrusted Data vulnerability in multiple products
Apache Camel Netty enables Java deserialization by default.
network
low complexity
apache oracle CWE-502
critical
 9.8
9.8
2020-05-14 CVE-2020-11972 Deserialization of Untrusted Data vulnerability in multiple products
Apache Camel RabbitMQ enables Java deserialization by default.
network
low complexity
apache oracle CWE-502
7.5
7.5
2020-05-14 CVE-2020-11971 Apache Camel's JMX is vulnerable to Rebind Flaw.
network
low complexity
apache oracle
7.5
7.5
2019-05-28 CVE-2019-0188 XXE vulnerability in multiple products
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library.
network
low complexity
oracle apache CWE-611
7.5
7.5
2019-04-30 CVE-2019-0194 Path Traversal vulnerability in Apache Camel
Apache Camel's File is vulnerable to directory traversal.
network
low complexity
apache CWE-22
7.5
7.5