GHSA-h6rp-8v4j-hwph
Suggest an improvement- Source
- https://github.com/advisories/GHSA-h6rp-8v4j-hwph
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-h6rp-8v4j-hwph/GHSA-h6rp-8v4j-hwph.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-h6rp-8v4j-hwph
- Aliases
-
- CVE-2014-0003
- Published
- 2018-10-16T23:13:49Z
- Modified
- 2024-12-06T05:46:35.481981Z
- Summary
- Apache Camel's XSLT component allows remote attackers to execute arbitrary Java methods
- Details
-
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
- Database specific
{ "cwe_ids": [ "CWE-502" ], "github_reviewed": true, "github_reviewed_at": "2020-06-16T21:39:14Z", "severity": "HIGH", "nvd_published_at": "2014-03-21T04:38:00Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2014-0003
- https://github.com/apache/camel/commit/483b445dc77487e2d0f3d8c8bf1a7bbab04464c
- https://github.com/apache/camel/commit/c6de749e9b3c7b61861c5480e91550290585224
- https://github.com/apache/camel/commit/e922f89290f236f3107039de61af0375826bd96d
- https://github.com/apache/camel
- https://issues.apache.org/jira/browse/CAMEL-7123
- https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E
- https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E
- https://web.archive.org/web/20200229061309/http://www.securityfocus.com/bid/65902
- http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc
- http://rhn.redhat.com/errata/RHSA-2014-0245.html
- http://rhn.redhat.com/errata/RHSA-2014-0254.html
- http://rhn.redhat.com/errata/RHSA-2014-0371.html
- http://rhn.redhat.com/errata/RHSA-2014-0372.html
Affected packages
Maven / org.apache.camel:camel-core
Package
- Name
- org.apache.camel:camel-core
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.camel/camel-core
Maven / org.apache.camel:camel-core
Package
- Name
- org.apache.camel:camel-core
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.camel/camel-core