Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.camel/camel-core@2.9.7

Type maven

Namespace org.apache.camel

Name camel-core

Version 2.9.7

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.9.8

Latest_non_vulnerable_version 4.4.0

Affected_by_vulnerabilities

url VCID-tssu-4ptf-wfbb

vulnerability_id VCID-tssu-4ptf-wfbb

summary

Remote code execution via header field manipulation
This package allows remote attackers to execute arbitrary simple language expressions by including `$simple{}` in a CamelFileName message header to a `FILE` or `FTP` producer.

references

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4330
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4330

reference_url	https://issues.apache.org/jira/browse/CAMEL-6734
reference_id
reference_type
scores
url	https://issues.apache.org/jira/browse/CAMEL-6734

reference_url	https://issues.apache.org/jira/browse/CAMEL-6748
reference_id
reference_type
scores
url	https://issues.apache.org/jira/browse/CAMEL-6748

reference_url	http://camel.apache.org/security-advisories.data/CVE-2013-4330.txt.asc
reference_id	CVE-2013-4330.TXT.ASC
reference_type
scores
url	http://camel.apache.org/security-advisories.data/CVE-2013-4330.txt.asc

fixed_packages

url	pkg:maven/org.apache.camel/camel-core@2.9.8
purl	pkg:maven/org.apache.camel/camel-core@2.9.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-core@2.9.8

url	pkg:maven/org.apache.camel/camel-core@2.10.7
purl	pkg:maven/org.apache.camel/camel-core@2.10.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-core@2.10.7

url	pkg:maven/org.apache.camel/camel-core@2.11.2
purl	pkg:maven/org.apache.camel/camel-core@2.11.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-core@2.11.2

url	pkg:maven/org.apache.camel/camel-core@2.12.1
purl	pkg:maven/org.apache.camel/camel-core@2.12.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-core@2.12.1

aliases CVE-2013-4330

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tssu-4ptf-wfbb

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.camel/camel-core@2.9.7

Package Instance