Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| apache | camel | 2.24.0 | - |
| oracle | enterprise_data_quality | - | - |
| oracle | enterprise_manager_base_platform |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7
Affected Products
32
References
apache / camel
| - |
| - |
| oracle | enterprise_manager_base_platform | - | - |
| oracle | flexcube_private_banking | - | - |
| oracle | flexcube_private_banking | - | - |
| oracle | enterprise_repository | - | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability
Impact