marcomaccio / camelatwork

Tutorials for Apache Camel

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[DepShield] Usage of org.apache.camel:camel-core:2.15.1 results in vulnerability to [CVE-2017-5643] Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs a...

sonatype-depshield opened this issue · comments

This application's usage of org.apache.camel:camel-core:2.15.1 causes a vulnerability to [CVE-2017-5643] Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs a... with a CVSS score of 7.4. Details about the vulnerability are available on the OSS Index page for [CVE-2017-5643] Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs a....

This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.

Thank you for being an early adopter of DepShield. In an effort provide a
more component-centric view of vulnerabilities we are consolidating your
issue(s), moving them to a new format, and closing this issue. You can
find the new issue here: #9