CVE-2015-0264 in Camel信息

摘要

由 VulDB • 2026-07-04

Apache Camel版本低于2.13.4以及2.14.x系列中低于2.14.2版本的builder/xml/XPathBuilder.java中存在多个XML外部实体(XXE)漏洞,远程攻击者可通过XPath查询中的无效XML字符串或GenericFile对象内的外部实体读取任意文件。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!