CVE-2015-0264: XXE in Apache Camel
(updated )
Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in this package allow remote attackers to read arbitrary files via an external entity in an invalid XML String or GenericFile object in an XPath query.
References
Code Behaviors & Features
Detect and mitigate CVE-2015-0264 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →