Vulnerability in Apache Camel
CVE-2019-0194
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
EPSS: 0.024 (85.3th percentile) — read the EPSS interpretation.
Affected products
- Apache Camel — versions Camel 2.21.0 to 2.21.3, Camel 2.22.0 to 2.22.2 and Camel 2.23.0 The unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
Public proof-of-concept exploits
References
- [camel-commits] 20190430 [camel] branch master updated: Added CVE-2019-0194 details (mailing-list, x_refsource_MLIST)
- [camel-users] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel (mailing-list, x_refsource_MLIST)
- [camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)
- [oss-security] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel (mailing-list, x_refsource_MLIST)
- lists.apache.org/thread.html/a39441db574ee996f829344491b3211b53c9ed926f00ae5d88… (x_refsource_MISC)
- 108181 (vdb-entry, x_refsource_BID)
- [camel-commits] 20190524 [camel] branch master updated: Added security advisory for CVE-2019-0188 (mailing-list, x_refsource_MLIST)
- [camel-commits] 20190524 [camel] 02/02: CVE-2019-0188 - Changed the title in security advisories (mailing-list, x_refsource_MLIST)
- [camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html (mailing-list, x_refsource_MLIST)
Frequently asked questions
- What is CVE-2019-0194?
- CVE-2019-0194 is a vulnerability in Apache Camel. Published 2019-04-30.
- Is CVE-2019-0194 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.