Vulnerabilities > Apache > Camel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-08 | CVE-2020-11994 | Injection vulnerability in multiple products Server-Side Template Injection and arbitrary file disclosure on Camel templating components | 7.5 |
| 2020-05-14 | CVE-2020-11971 | Apache Camel's JMX is vulnerable to Rebind Flaw. | 7.5 |
| 2020-02-11 | CVE-2020-5529 | Improper Initialization vulnerability in multiple products HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. | 8.1 |
| 2019-05-28 | CVE-2019-0188 | XXE vulnerability in multiple products Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. | 7.5 |
| 2019-04-30 | CVE-2019-0194 | Path Traversal vulnerability in Apache Camel Apache Camel's File is vulnerable to directory traversal. | 7.5 |
| 2017-03-16 | CVE-2017-5643 | Server-Side Request Forgery (SSRF) vulnerability in Apache Camel Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE. | 7.4 |
| 2016-04-15 | CVE-2015-5348 | Data Processing Errors vulnerability in Apache Camel Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request. | 8.1 |