PT-2013-4959 · Apache · Apache Camel

Grégory Draperi · Published 2013-10-04 · Updated 2023-02-13 · CVE-2013-4330

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions
Apache Camel versions 2.9.0 through 2.9.6
Apache Camel versions 2.10.0 through 2.10.6
Apache Camel versions 2.11.0 through 2.11.1
Apache Camel version 2.12.0

Description
The issue allows remote attackers to execute arbitrary Simple language expressions. This can be achieved by including $simple{} in a CamelFileName message header sent to a FILE or FTP producer.

Recommendations
For Apache Camel versions 2.9.0 through 2.9.6, update to version 2.9.7 or later.
For Apache Camel versions 2.10.0 through 2.10.6, update to version 2.10.7 or later.
For Apache Camel versions 2.11.0 through 2.11.1, update to version 2.11.2 or later.
For Apache Camel version 2.12.0, update to a version later than 2.12.0.

Fix

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2013-4330
GHSA-X9FV-C87W-55WC
RHSA-2014:0245
RHSA-2014:0254

Affected Products

Apache Camel