CVE-2019-0188

Name of the Vulnerable Software and Affected Versions Apache Camel versions prior to 2.24.0

Description The issue is related to an XML external entity injection (XXE) vulnerability due to the use of an outdated vulnerable JSON-lib library. This affects the camel-xmljson component. The vulnerability can be exploited by a remote attacker to perform an XXE attack.

Recommendations For versions prior to 2.24.0, update to version 2.24.0 or later to resolve the issue. As a temporary workaround, consider disabling the camel-xmljson component until a patch is available.