First published: Tue Apr 30 2019(Updated: )
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.
Credit: security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Camel | >=2.0.0<=2.19.0 | |
Apache Camel | >=2.21.0<=2.21.3 | |
Apache Camel | >=2.22.0<=2.22.2 | |
Apache Camel | =2.23.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-0194 is a vulnerability in Apache Camel's File component that allows directory traversal.
Camel versions 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, and 2.23.0 are affected by CVE-2019-0194.
CVE-2019-0194 has a severity rating of 7.5, which is considered high.
CVE-2019-0194 allows an attacker to perform directory traversal, potentially leading to unauthorized access or data manipulation.
More information about CVE-2019-0194 can be found at the following references: [http://www.openwall.com/lists/oss-security/2019/04/30/2](http://www.openwall.com/lists/oss-security/2019/04/30/2), [http://www.securityfocus.com/bid/108181](http://www.securityfocus.com/bid/108181), [https://lists.apache.org/thread.html/0a163d02169d3d361150e8183df4af33f1a3d8a419b2937ac8e6c66f@%3Cusers.camel.apache.org%3E](https://lists.apache.org/thread.html/0a163d02169d3d361150e8183df4af33f1a3d8a419b2937ac8e6c66f@%3Cusers.camel.apache.org%3E).