The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Camel | Apache | * | 2.11.3 (including) |
| Camel | Apache | 1.0.0 (including) | 1.0.0 (including) |
| Camel | Apache | 1.1.0 (including) | 1.1.0 (including) |
| Camel | Apache | 1.2.0 (including) | 1.2.0 (including) |
| Camel | Apache | 1.3.0 (including) | 1.3.0 (including) |
| Camel | Apache | 1.4.0 (including) | 1.4.0 (including) |
| Camel | Apache | 1.5.0 (including) | 1.5.0 (including) |
| Camel | Apache | 1.6.0 (including) | 1.6.0 (including) |
| Camel | Apache | 1.6.1 (including) | 1.6.1 (including) |
| Camel | Apache | 1.6.2 (including) | 1.6.2 (including) |
| Camel | Apache | 1.6.3 (including) | 1.6.3 (including) |
| Camel | Apache | 1.6.4 (including) | 1.6.4 (including) |
| Camel | Apache | 2.0.0 (including) | 2.0.0 (including) |
| Camel | Apache | 2.0.0-milestone1 (including) | 2.0.0-milestone1 (including) |
| Camel | Apache | 2.0.0-milestone2 (including) | 2.0.0-milestone2 (including) |
| Camel | Apache | 2.0.0-milestone3 (including) | 2.0.0-milestone3 (including) |
| Camel | Apache | 2.1.0 (including) | 2.1.0 (including) |
| Camel | Apache | 2.10.0 (including) | 2.10.0 (including) |
| Camel | Apache | 2.10.1 (including) | 2.10.1 (including) |
| Camel | Apache | 2.10.2 (including) | 2.10.2 (including) |
| Camel | Apache | 2.10.3 (including) | 2.10.3 (including) |
| Camel | Apache | 2.10.4 (including) | 2.10.4 (including) |
| Camel | Apache | 2.10.5 (including) | 2.10.5 (including) |
| Camel | Apache | 2.10.6 (including) | 2.10.6 (including) |
| Camel | Apache | 2.10.7 (including) | 2.10.7 (including) |
| Camel | Apache | 2.11.0 (including) | 2.11.0 (including) |
| Camel | Apache | 2.11.1 (including) | 2.11.1 (including) |
| Camel | Apache | 2.11.2 (including) | 2.11.2 (including) |