Jan 30, 2014 - 8:12 p.m.

(RHSA-2014:0124) Important: Apache Camel security update

2014-01-30 20:12:53
access.redhat.com

EPSS: 0.012 (Low), percentile 84.9%

Apache Camel is a versatile open-source integration framework based on
known Enterprise Integration Patterns.

A flaw was found in Apache Camel’s parsing of the FILE_NAME header. A
remote attacker able to submit messages to a Camel route, which would write
the provided message to a file, could provide expression language (EL)
expressions in the FILE_NAME header that would be evaluated on the
server. This could lead to arbitrary remote code execution in the context
of the Camel server process. (CVE-2013-4330)

All users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the
Red Hat Customer Portal are advised to apply this update.
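
As defence in depth alongside the update, a route that accepts messages from untrusted senders can refuse to pass a sender-supplied FILE_NAME value to the file endpoint unless it is a plain base name. The following is an added example, not code from Red Hat or the Apache Camel project; the class, enum and method names are hypothetical, the sample header values are constructed, and it assumes the check runs in a processor placed before the file endpoint.

```java
import java.util.regex.Pattern;

/** Added example: allow-list check for an untrusted FILE_NAME (CamelFileName) header value. */
public class FileNameHeaderGuard {
    // Allow-list: plain base names only. '$', '{', '}', '/', '\' and spaces can never match.
    private static final Pattern SAFE = Pattern.compile("[A-Za-z0-9][A-Za-z0-9._-]{0,127}");

    public enum Verdict { ACCEPT, REJECT_EXPRESSION, REJECT_PATH, REJECT_OTHER }

    /** Classifies a header value; rejections are split by cause so they can be logged and alerted on. */
    public static Verdict check(String headerValue) {
        if (headerValue == null || headerValue.isEmpty()) {
            return Verdict.REJECT_OTHER;
        }
        // Start tokens of Camel's Simple/File language: the value would be evaluated, not used literally.
        if (headerValue.contains("${") || headerValue.contains("$simple{")) {
            return Verdict.REJECT_EXPRESSION;
        }
        // Directory separators or parent references would move the write outside the target directory.
        if (headerValue.contains("/") || headerValue.contains("\\") || headerValue.contains("..")) {
            return Verdict.REJECT_PATH;
        }
        return SAFE.matcher(headerValue).matches() ? Verdict.ACCEPT : Verdict.REJECT_OTHER;
    }

    /** Returns the name to write to: the sender's value only if accepted, otherwise a server-chosen name. */
    public static String resolve(String headerValue, String serverChosenName) {
        return check(headerValue) == Verdict.ACCEPT ? headerValue : serverChosenName;
    }

    public static void main(String[] args) {
        // Constructed sample header values, as they might arrive from a remote sender.
        String[] samples = {
            "invoice-2014-01.xml",
            "report-${date:now:yyyyMMdd}.txt",
            "../../tmp/out.txt",
            "name with space.txt"
        };
        for (String s : samples) {
            System.out.printf("%-34s %-18s -> %s%n", s, check(s), resolve(s, "msg-0001.dat"));
        }
    }
}
```

A `REJECT_EXPRESSION` verdict on an externally reachable route is worth logging with the sender's identity, since legitimate clients have no reason to send expression syntax in a file name.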