Apache Camel CVE-2018-8027 XML External Entity Information Disclosure Vulnerability

Apache Camel is prone to an XML External Entity vulnerability.

An attacker can exploit this issue to gain access to sensitive information from the application; this may lead to further attacks.

The following versions are affected:

Apache Camel 2.20.0 through 2.20.3
Apache Camel 2.21.0


Bugtraq ID: 104933
Class: Design Error
CVE: CVE-2018-8027

Remote: Yes
Local: No
Published: Jul 31 2018 12:00AM
Updated: Jul 31 2018 12:00AM
Credit: Karel Jelínek
Vulnerable: Apache Camel 2.21
Apache Camel 2.20.3
Apache Camel 2.20.1
Apache Camel 2.20

Not Vulnerable: Apache Camel 2.21.1
Apache Camel 2.20.4


An attacker can exploit this issue using readily available tools.

Related Posts