CVE-2017-5643

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-5643
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5643.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-5643
Aliases
Published
2017-03-16T15:59:00.947Z
Modified
2026-06-18T04:04:02.924909697Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.

References

Affected packages

Git / github.com/apache/camel

Affected ranges

Type
GIT
Repo
https://github.com/apache/camel
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5a32be6497ee64782ab2b9f507033e5e6e5840b3
Last affected
cf2e1749fae7c2d7526c705eb2c9e45e7f8f1af4
Last affected
c3d54e2ff5c412ff9d663e6386c38eb9c18e2282
Last affected
bf9c1455bd545848e2104027ce65624f148f41d8
Last affected
af7064e6c1a754bb65eacb5f653bd551e4219cc6
Last affected
dcd8a7ac69889d4067b772b09938261946808926
Last affected
a08cc255d6fd9148d652be52c25a4e95dcbff600
Last affected
da8694f8c5392881ac5ab49c37a7947451bb65af
Last affected
8ed344875d0e2e60e9234c89888fec2f14945b0b
Last affected
2123a4c74d66ef503d12bac4f37b941085e33345
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.16.0"
        },
        {
            "last_affected": "2.17.0"
        },
        {
            "last_affected": "2.17.1"
        },
        {
            "last_affected": "2.17.2"
        },
        {
            "last_affected": "2.17.3"
        },
        {
            "last_affected": "2.17.4"
        },
        {
            "last_affected": "2.17.5"
        },
        {
            "last_affected": "2.18.0"
        },
        {
            "last_affected": "2.18.1"
        },
        {
            "last_affected": "2.18.2"
        }
    ],
    "cpe": [
        "cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.17.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.17.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.17.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.17.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.17.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.17.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.18.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.18.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:camel:2.18.2:*:*:*:*:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ]
}

Affected versions

camel-2.*
camel-2.15.0
camel-2.16.0
camel-2.17.0
camel-2.17.1
camel-2.17.2
camel-2.17.3
camel-2.17.4
camel-2.17.5
camel-2.18.0
camel-2.18.1
camel-2.18.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5643.json"