VDB
CVE-2019-0194
CVE-2019-0194
PUBLISHED
CVSS 7.5 HIGH
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
EPSS 2.39% · 85.3th percentile
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
2.39%
85.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Apache Camel | *, Camel 2.21.0 to 2.21.3 |
| Maven | org.apache.camel:camel-core | 2.22.0, 2.23.0, 2.21.0 |
| apache | camel | 2.22.0, 2.0.0, 2.23.0 |
Exploit Intelligence
- shoucheng3/apache__camel_CVE-2019-0194_2-21-44 (github-poc)
- shoucheng3/apache__camel_CVE-2019-0194_2-21-44 (github-poc)
- shoucheng3/apache__camel_CVE-2019-0194_2-21-44 (github-poc)
- shoucheng3/apache__camel_CVE-2019-0194_2-21-44 (github-poc)
- shoucheng3/apache__camel_CVE-2019-0194_2-21-44 (github-poc)
- http://www.openwall.com/lists/oss-security/2019/04/30/2 (nist-nvd)
- [camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html (circl)
- [camel-commits] 20190524 [camel] 02/02: CVE-2019-0188 - Changed the title in security advisories (circl)
- [camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html (circl)
- [camel-commits] 20190524 [camel] branch master updated: Added security advisory for CVE-2019-0188 (circl)
…and 4 more exploits
Timeline
- Apr 30, 2019 CVE Published
- May 24, 2019 CVE Updated
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- [camel-commits] 20190430 [camel] branch master updated: Added CVE-2019-0194 details mailing-list
- [camel-users] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel mailing-list
- [camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html mailing-list
- [oss-security] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel mailing-list
- https://lists.apache.org/thread.html/a39441db574ee996f829344491b3211b53c9ed926f00ae5d88943b76%40%3Cdev.camel.apache.org%3E url
- 108181 vdb
- [camel-commits] 20190524 [camel] branch master updated: Added security advisory for CVE-2019-0188 mailing-list
- [camel-commits] 20190524 [camel] 02/02: CVE-2019-0188 - Changed the title in security advisories mailing-list
- [camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2019-0194 advisory
- https://github.com/apache/camel/pull/2700 url
- https://github.com/apache/camel package
- https://issues.apache.org/jira/browse/CAMEL-13042 url
- https://lists.apache.org/thread.html/0a163d02169d3d361150e8183df4af33f1a3d8a419b2937ac8e6c66f@%3Cusers.camel.apache.org%3E url
- https://lists.apache.org/thread.html/45e23ade8d3cb754615f95975e89e8dc73c59eeac914f07d53acbac6@%3Ccommits.camel.apache.org%3E url
- https://lists.apache.org/thread.html/a39441db574ee996f829344491b3211b53c9ed926f00ae5d88943b76@%3Cdev.camel.apache.org%3E url
- https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E url