Author: buildbot
Date: Fri May 24 09:19:51 2019
New Revision: 1045395
Log:
Production update by buildbot for camel
Added:
websites/production/camel/content/security-advisories.data/CVE-2019-0188.txt.asc
Modified:
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/security-advisories.html
Modified: websites/production/camel/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Added:
websites/production/camel/content/security-advisories.data/CVE-2019-0188.txt.asc
==============================================================================
---
websites/production/camel/content/security-advisories.data/CVE-2019-0188.txt.asc
(added)
+++
websites/production/camel/content/security-advisories.data/CVE-2019-0188.txt.asc
Fri May 24 09:19:51 2019
@@ -0,0 +1,25 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+CVE-2019-0188: Apache Camel-XMLJson vulnerable to XML external entity
injection (XXE)
+
+Severity: MEDIUM
+
+Vendor: The Apache Software Foundation
+
+Versions Affected: Apache Camel versions prior to 2.24.0
+
+Description: Apache Camel provided contains an XML external entity injection
(XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib
library. This affects only the camel-xmljson component, which was removed.
+
+Mitigation: Update to version 2.24.0
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+iQEcBAEBAgAGBQJc57YJAAoJEONOnzgC/0EAI1oIAITlFL/xUHp0rEn5WaRoCbGE
+49ZYJ2/bwK94se0KMhT5VqF6mYf1BWMSVzrczN+Qm8bEb1tQPDZFnTUe0hUjMN61
+tJpGK1UPCOUm3rBVSmrkbYclBVCBgxIEjfeP7SAtBXZSQ7/SHLBG8OQWRur7CPml
+6qtDt9WqIV0da9hJgP2n0YExqyfbCb0IZkvo23DWlzAHZ0LCVc7V/lDqGG1cWsZw
+gEMtUfbaz4533vr5+LgST3z7AbnMBpk2P29/9M7Z3wOxtS2Ne6aw/ooJfRh/HJ5k
+sw4jNQ/4txaha4BszSH9Ibdm0nMyzlmv0u8nONM0X2hhxasybMXIdPlTJh308BU=
+=w7Pn
+-----END PGP SIGNATURE-----
Modified: websites/production/camel/content/security-advisories.html
==============================================================================
--- websites/production/camel/content/security-advisories.html (original)
+++ websites/production/camel/content/security-advisories.html Fri May 24
09:19:51 2019
@@ -78,7 +78,7 @@
<tbody>
<tr>
<td valign="top" width="100%">
-<div class="wiki-content maincontent"><h3
id="SecurityAdvisories-2019">2019</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2019-0194.txt.asc?version=1&modificationDate=1556620345000&api=v2"
data-linked-resource-id="113708792" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2019-0194.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2019-0194</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933" data-linked-resource-cont
ainer-version="20"> </a>- Apache Camel's File is vulnerable to
directory traversal</li></ul><h3
id="SecurityAdvisories-2018">2018</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2018-8041.txt.asc?version=1&modificationDate=1536746339000&api=v2"
data-linked-resource-id="91554396" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8041.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2018-8041</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain" data-li
nked-resource-container-id="34833933"
data-linked-resource-container-version="20"> </a>- Apache Camel's
Mail is vulnerable to path traversal</li><li><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2018-8027</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20"> </a>- Apache Camel's
Core is vulnerable to XXE in XSD validation processor</li></ul><h3
id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2017-12634.txt.asc?version=1&modificationDate=1510733922000&api=v2"
data-linked-resource-id="74687198" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-12634.txt.asc"
data-nice-type="Text File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2017-12634</a> - Apache
Camel's Castor unmarshalling operation is vulnerable to Remote Code Execution
attacks</li><li><a shape="rect"
href="security-advisories.data/CVE-2017-12633.txt.asc?version=1&modificationDate=1510733921000&api=v2"
data-linked-resource-id="74687197" data-linked-resou
rce-version="1" data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-12633.txt.asc"
data-nice-type="Text File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2017-12633</a> - Apache
Camel's Hessian unmarshalling operation is vulnerable to Remote Code Execution
attacks</li><li><a shape="rect"
href="security-advisories.data/CVE-2017-5643.txt.asc?version=1&modificationDate=1489652454000&api=v2"
data-linked-resource-id="68719271" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-5643.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2017-5643</a> - Apache
Camel's Validation Component is vulnerable against SSRF via remote DTDs and
XXE</li><li><a shape="rect" href="s
ecurity-advisories.data/CVE-2017-3159.txt.asc?version=1&modificationDate=1486565167000&api=v2"
data-linked-resource-id="67641933" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-3159.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2017-3159</a> - Apache
Camel's Snakeyaml unmarshalling operation is vulnerable to Remote Code
Execution attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2016-8749.txt.asc?version=2&modificationDate=1486565034000&api=v2"
data-linked-resource-id="67641927" data-linked-resource-version="2"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2016-8749.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="348
33933"
data-linked-resource-container-version="20">CVE-2016-8749</a> - Apache
Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to
Remote Code Execution attacks</li></ul><h3
id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2015-5344.txt.asc?version=1&modificationDate=1454056803000&api=v2"
data-linked-resource-id="61338184" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5344.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2015-5344</a> - Apache
Camel's XStream usage is vulnerable to Remote Code Execution
attacks.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-5348.txt.asc?version=1&modificationDate=1450340845000&api=v2"
data-linked-resource-id="61333112" data-linked
-resource-version="1" data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5348.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2015-5348</a> - Apache Camel's
Jetty/Servlet usage is vulnerable to Java object de-serialisation
vulnerability.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0264.txt.asc?version=1&modificationDate=1426539191000&api=v2"
data-linked-resource-id="54165590" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0264.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2015-0264</a> - The XPath
handling in Apache Camel for invalid XML Strings or invalid XML GenericFile
objects allows remote attacke
rs to read arbitrary files via an XML External Entity (XXE) declaration. The
XML External Entity (XXE) will be resolved before the Exception is
thrown.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0263.txt.asc?version=1&modificationDate=1426539178000&api=v2"
data-linked-resource-id="54165589" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0263.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2015-0263</a> - The XML
converter setup in Apache Camel allows remote attackers to read arbitrary files
via an SAXSource containing an XML External Entity (XXE)
declaration.</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2014-0003.txt.asc?version=1&modificationDate=1393615582000&api=v2"
data-linked-resourc
e-id="40009835" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0003.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2014-0003</a> - The Apache
Camel XSLT component allows XSL stylesheets to perform calls to external Java
methods.</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0002.txt.asc?version=1&modificationDate=1393615569000&api=v2"
data-linked-resource-id="40009834" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0002.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2014-0002</a> - The Apache
Camel XSLT component will resolve entities in XML messages when transformin
g them using an xslt route.</li></ul><h3
id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2013-4330.txt.asc?version=1&modificationDate=1380633919000&api=v2"
data-linked-resource-id="35192841" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2013-4330.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="20">CVE-2013-4330</a> - Writing files
using FILE or FTP components, can potentially be exploited by a malicious
user.</li></ul><p><br clear="none"></p></div>
+<div class="wiki-content maincontent"><h3
id="SecurityAdvisories-2019">2019</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2019-0194.txt.asc?version=1&modificationDate=1556620345000&api=v2"
data-linked-resource-id="113708792" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2019-0194.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2019-0188</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933" data-linked-resource-cont
ainer-version="22"> </a>- Apache Camel-XMLJson vulnerable to XML
external entity injection (XXE)</li><li><a shape="rect"
href="security-advisories.data/CVE-2019-0194.txt.asc?version=1&modificationDate=1556620345000&api=v2"
data-linked-resource-id="113708792" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2019-0194.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2019-0194</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933
" data-linked-resource-container-version="22"> </a>- Apache Camel's
File is vulnerable to directory traversal</li></ul><h3
id="SecurityAdvisories-2018">2018</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2018-8041.txt.asc?version=1&modificationDate=1536746339000&api=v2"
data-linked-resource-id="91554396" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8041.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2018-8041</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-conten
t-type="text/plain" data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22"> </a>- Apache Camel's
Mail is vulnerable to path traversal</li><li><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2018-8027</a><a shape="rect"
href="security-advisories.data/CVE-2018-8027.txt.asc?version=4&modificationDate=1533020841000&api=v2"
data-linked-resource-id="89065844" data-linked-resource-version="4"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2018-8027.txt.asc" data-nice-type="Text
File" data-linked-resource
-content-type="text/plain" data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22"> </a>- Apache Camel's
Core is vulnerable to XXE in XSD validation processor</li></ul><h3
id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2017-12634.txt.asc?version=1&modificationDate=1510733922000&api=v2"
data-linked-resource-id="74687198" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-12634.txt.asc"
data-nice-type="Text File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2017-12634</a> - Apache
Camel's Castor unmarshalling operation is vulnerable to Remote Code Execution
attacks</li><li><a shape="rect"
href="security-advisories.data/CVE-2017-12633.txt.asc?version=1&modificationDate=1510733921000&api=v2"
data-linked-resource-id="
74687197" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-12633.txt.asc"
data-nice-type="Text File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2017-12633</a> - Apache
Camel's Hessian unmarshalling operation is vulnerable to Remote Code Execution
attacks</li><li><a shape="rect"
href="security-advisories.data/CVE-2017-5643.txt.asc?version=1&modificationDate=1489652454000&api=v2"
data-linked-resource-id="68719271" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-5643.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2017-5643</a> - Apache
Camel's Validation Component is vulnerable against SSRF via remote DTDs and
XXE</li>
<li><a shape="rect"
href="security-advisories.data/CVE-2017-3159.txt.asc?version=1&modificationDate=1486565167000&api=v2"
data-linked-resource-id="67641933" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-3159.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2017-3159</a> - Apache
Camel's Snakeyaml unmarshalling operation is vulnerable to Remote Code
Execution attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2016-8749.txt.asc?version=2&modificationDate=1486565034000&api=v2"
data-linked-resource-id="67641927" data-linked-resource-version="2"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2016-8749.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted" data-linked
-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2016-8749</a> - Apache
Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to
Remote Code Execution attacks</li></ul><h3
id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2015-5344.txt.asc?version=1&modificationDate=1454056803000&api=v2"
data-linked-resource-id="61338184" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5344.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2015-5344</a> - Apache
Camel's XStream usage is vulnerable to Remote Code Execution
attacks.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-5348.txt.asc?version=1&modificationDate=1450340845000&api=v2"
data-linked-resourc
e-id="61333112" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5348.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2015-5348</a> - Apache Camel's
Jetty/Servlet usage is vulnerable to Java object de-serialisation
vulnerability.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0264.txt.asc?version=1&modificationDate=1426539191000&api=v2"
data-linked-resource-id="54165590" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0264.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2015-0264</a> - The XPath
handling in Apache Camel for invalid XML Strings or invalid XML GenericFile ob
jects allows remote attackers to read arbitrary files via an XML External
Entity (XXE) declaration. The XML External Entity (XXE) will be resolved before
the Exception is thrown.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0263.txt.asc?version=1&modificationDate=1426539178000&api=v2"
data-linked-resource-id="54165589" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0263.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2015-0263</a> - The XML
converter setup in Apache Camel allows remote attackers to read arbitrary files
via an SAXSource containing an XML External Entity (XXE)
declaration.</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2014-0003.txt.asc?version=1&modificationDate=1393615582000&
api=v2" data-linked-resource-id="40009835" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0003.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2014-0003</a> - The Apache
Camel XSLT component allows XSL stylesheets to perform calls to external Java
methods.</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0002.txt.asc?version=1&modificationDate=1393615569000&api=v2"
data-linked-resource-id="40009834" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0002.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2014-0002</a> - The Apache
Camel XSLT component will resolve entities in XM
L messages when transforming them using an xslt route.</li></ul><h3
id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2013-4330.txt.asc?version=1&modificationDate=1380633919000&api=v2"
data-linked-resource-id="35192841" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2013-4330.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="22">CVE-2013-4330</a> - Writing files
using FILE or FTP components, can potentially be exploited by a malicious
user.</li></ul><p><br clear="none"></p></div>
</td>
<td valign="top">
<div class="navigation">
