High severityNVD Advisory· Published Mar 21, 2014· Updated Jun 17, 2026
CVE-2014-0003
CVE-2014-0003
Description
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.camel:camel-coreMaven | >= 2.11.0, < 2.11.4 | 2.11.4 |
org.apache.camel:camel-coreMaven | >= 2.12.0, < 2.12.3 | 2.12.3 |
Affected products
32cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*range: <=2.11.3
- cpe:2.3:a:apache:camel:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.0.0:milestone1:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.0.0:milestone2:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.0.0:milestone3:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.12.2:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
20- camel.apache.org/security-advisories.data/CVE-2014-0003.txt.ascnvdExploitVendor AdvisoryWEB
- secunia.com/advisories/57125nvdVendor Advisory
- github.com/advisories/GHSA-h6rp-8v4j-hwphghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-0003ghsaADVISORY
- rhn.redhat.com/errata/RHSA-2014-0245.htmlnvdWEB
- rhn.redhat.com/errata/RHSA-2014-0254.htmlnvdWEB
- rhn.redhat.com/errata/RHSA-2014-0371.htmlnvdWEB
- rhn.redhat.com/errata/RHSA-2014-0372.htmlnvdWEB
- github.com/apache/camel/commit/483b445dc77487e2d0f3d8c8bf1a7bbab04464cghsaWEB
- github.com/apache/camel/commit/c6de749e9b3c7b61861c5480e91550290585224ghsaWEB
- github.com/apache/camel/commit/e922f89290f236f3107039de61af0375826bd96dghsaWEB
- issues.apache.org/jira/browse/CAMEL-7123ghsaWEB
- lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3EnvdWEB
- lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3EghsaWEB
- lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3EnvdWEB
- lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3EghsaWEB
- web.archive.org/web/20200229061309/http://www.securityfocus.com/bid/65902ghsaWEB
- secunia.com/advisories/57716nvd
- secunia.com/advisories/57719nvd
- www.securityfocus.com/bid/65902nvd
News mentions
0No linked articles in our index yet.