VDB

RHSA-2014%3A0140

RHSA-2014%3A0140 PUBLISHED CVSS 6.800000190734863 MEDIUM

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.

Risk Scores

CVSS 2.0
6.800000190734863

Affected Products

VendorProductVersions
Red HatRed Hat JBoss BPMS 6.0
Red HatRed Hat JBoss BRMS 6.0

Timeline

  • Feb 5, 2014 CVE Published
  • Jan 28, 2026 CVE Updated
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›