Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.camel/camel-core@2.12-alpha0
purl pkg:maven/org.apache.camel/camel-core@2.12-alpha0
Tags Ghost
Next non-vulnerable version 2.24.0
Latest non-vulnerable version 4.4.0
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-k4un-d8uk-ryhe
Aliases:
CVE-2014-0003
GHSA-h6rp-8v4j-hwph
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
2.12.3
Affected by 5 other vulnerabilities.
VCID-uwkp-1etw-kkag
Aliases:
CVE-2014-0002
GHSA-2fw5-rvf2-jq56
The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
2.12.3
Affected by 5 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T12:46:52.169190+00:00 GitLab Importer Affected by VCID-uwkp-1etw-kkag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2014-0002.yml 38.0.0
2026-04-01T12:46:52.124239+00:00 GitLab Importer Affected by VCID-k4un-d8uk-ryhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.camel/camel-core/CVE-2014-0003.yml 38.0.0