Vulnerability Description
Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Camel | >= 2.20.0, <= 2.20.3 |
Related Weaknesses (CWE)
References
- http://camel.apache.org/security-advisories.data/CVE-2018-8027.txt.ascMitigationVendor Advisory
- http://www.securityfocus.com/bid/104933Third Party AdvisoryVDB Entry
- https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0
- https://lists.apache.org/thread.html/77f596fc63e63c2e9adcff3c34759b32c225cf0b582
- https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e6
- http://camel.apache.org/security-advisories.data/CVE-2018-8027.txt.ascMitigationVendor Advisory
- http://www.securityfocus.com/bid/104933Third Party AdvisoryVDB Entry
- https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0
- https://lists.apache.org/thread.html/77f596fc63e63c2e9adcff3c34759b32c225cf0b582
- https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e6
FAQ
What is CVE-2018-8027?
CVE-2018-8027 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor.
How severe is CVE-2018-8027?
CVE-2018-8027 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-8027?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Camel.