CVE-2013-4330: Remote code execution via header field manipulation

October 4, 2013 (updated May 24, 2019)

This package allows remote attackers to execute arbitrary simple language expressions by including $simple{} in a CamelFileName message header to a FILE or FTP producer.

References

camel.apache.org/security-advisories.data/CVE-2013-4330.txt.asc
bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4330
issues.apache.org/jira/browse/CAMEL-6734
issues.apache.org/jira/browse/CAMEL-6748

Code Behaviors & Features

Detect and mitigate CVE-2013-4330 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →