CVE-2019-0188

Summary

Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.

Affected Software

VendorProductVersion RangeStatus
ApacheApache CamelApache Camel versions prior to 2.24.0affected

Weaknesses

  • XML external entity injection (XXE)

ADP Enrichment

CVE Program Container

Additional References

References