Skip to content

Latest commit

 

History

History
18 lines (16 loc) · 1.08 KB

CVE-2018-8027.md

File metadata and controls

18 lines (16 loc) · 1.08 KB
Raw
title url date draft type cve severity summary description mitigation credit affected fixed
Apache Camel Security Advisory - CVE-2018-8027
/security/CVE-2018-8027.html
2018-07-31 02:29:00 -0700
false
security-advisory
CVE-2018-8027
MEDIUM
Apache Camel's Core is vulnerable to XXE in XSD validation processor
Apache Camel's Core is vulnerable to XXE External Entity vulnerability XSD validation processor.
2.20.x users should upgrade to 2.20.4, 2.21.0 users should upgrade to 2.21.1. The JIRA tickets: https://issues.apache.org/jira/browse/CAMEL-12444 and https://issues.apache.org/jira/browse/CAMEL-10894 (partial fix) refer to the various commits that resovoled the issue, and have more details.
This issue was discovered by Karel Jelínek <karel dot jelinek at unicorn dot com> from Unicorn Systems.
2.20.0 up to 2.20.3, 2.21.0
2.20.4, 2.21.1 and newer

The JIRA tickets: https://issues.apache.org/jira/browse/CAMEL-12444 and https://issues.apache.org/jira/browse/CAMEL-10894 (partial fix) refer to the various commits that resovoled the issue, and have more details.