[jira] [Created] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188

William Lieurance (JIRA) Thu, 06 Jun 2019 21:52:46 -0700

William Lieurance created TAMAYA-410:
----------------------------------------


             Summary: Update camel-core dependency past CVE-2019-0188
                 Key: TAMAYA-410
                 URL: https://issues.apache.org/jira/browse/TAMAYA-410
             Project: Tamaya
          Issue Type: Improvement
            Reporter: William Lieurance
            Assignee: William Lieurance


h5. CVE-2019-0188

 
high severity
*Vulnerable versions:* < 2.24.0
*Patched version:* 2.24.0
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) 
vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. 
This affects only the camel-xmljson component, which was removed.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188

Reply via email to