VulnerableCode Package Details - pkg:maven/org.apache.camel/camel-core@1.1.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.camel/camel-core@1.1.0

Essentials
History (10)

purl	pkg:maven/org.apache.camel/camel-core@1.1.0
Tags	Ghost

Next non-vulnerable version	2.24.0
Latest non-vulnerable version	4.4.0
Risk	4.0

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-423h-njb8-3uam Aliases: CVE-2013-4330 GHSA-x9fv-c87w-55wc	Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.	2.9.7 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.9.8 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.10.7 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.11.2 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.12.1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-aard-mgx9-rff2 Aliases: CVE-2015-0263 GHSA-3hrc-f439-727g	XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allows remote attackers to read arbitrary files via an external entity in an SAXSource.	2.13.4 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.14.2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-et64-wksj-qyhj Aliases: CVE-2017-5643 GHSA-vq9j-jh62-5hmp	Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.	2.17.6 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.18.2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.18.3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.19.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-k4un-d8uk-ryhe Aliases: CVE-2014-0003 GHSA-h6rp-8v4j-hwph	The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.	2.11.4 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.12.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-m8hb-4rwu-jkcy Aliases: CVE-2015-0264 GHSA-mhx2-r3jx-g94c	Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query.	2.13.4 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.14.2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-n8rf-enh6-q3bq Aliases: CVE-2019-0188 GHSA-h896-mx9x-g32g	Apache Camel contains an XML external entity injection vulnerability due to using an outdated vulnerable JSON-lib library. This affects only the `camel-xmljson` component, which was removed.	2.24.0 Affected by 0 other vulnerabilities.
VCID-uwkp-1etw-kkag Aliases: CVE-2014-0002 GHSA-2fw5-rvf2-jq56	The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.	2.11.4 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.12.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-19T14:34:57.339967+00:00	GitLab Importer	Affected by	VCID-n8rf-enh6-q3bq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2019-0188.yml	38.4.0
2026-04-19T14:17:49.421046+00:00	GitLab Importer	Affected by	VCID-et64-wksj-qyhj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2017-5643.yml	38.4.0
2026-04-19T14:13:58.838327+00:00	GitLab Importer	Affected by	VCID-aard-mgx9-rff2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2015-0263.yml	38.4.0
2026-04-19T14:13:58.519644+00:00	GitLab Importer	Affected by	VCID-m8hb-4rwu-jkcy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2015-0264.yml	38.4.0
2026-04-19T14:12:54.502422+00:00	GitLab Importer	Affected by	VCID-uwkp-1etw-kkag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2014-0002.yml	38.4.0
2026-04-19T14:12:53.986214+00:00	GitLab Importer	Affected by	VCID-k4un-d8uk-ryhe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2014-0003.yml	38.4.0
2026-04-19T14:12:32.460512+00:00	GitLab Importer	Affected by	VCID-423h-njb8-3uam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2013-4330.yml	38.4.0
2026-04-18T17:45:13.270449+00:00	GHSA Importer	Affected by	VCID-et64-wksj-qyhj	https://github.com/advisories/GHSA-vq9j-jh62-5hmp	38.4.0
2026-04-18T17:45:10.375738+00:00	GHSA Importer	Affected by	VCID-m8hb-4rwu-jkcy	https://github.com/advisories/GHSA-mhx2-r3jx-g94c	38.4.0
2026-04-18T17:45:09.993851+00:00	GHSA Importer	Affected by	VCID-aard-mgx9-rff2	https://github.com/advisories/GHSA-3hrc-f439-727g	38.4.0