CVE-2015-0264 – Camel: XXE via XPath expression evaluation

https://notcve.org/view.php?id=CVE-2015-0264

Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query. Múltiples vulnerabilidades de entidad externa XML (XXE) en builder/xml/XPathBuilder.java en Apache Camel anterior a 2.13.4 y 2.14.x anterior a 2.14.2 permiten a atacantes remotos leer ficheros arbitrarios a través de una entidad externa en un objeto XML (1) String o (2) GenericFile inválido en una consulta XPath. It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. • http://rhn.redhat.com/errata/RHSA-2015-1041.html http://rhn.redhat.com/errata/RHSA-2015-1538.html http://rhn.redhat.com/errata/RHSA-2015-1539.html http://securitytracker.com/id/1032442 https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E https://lists. • CWE-611: Improper Restriction of XML External Entity Reference •