Sign in Get started

← All advisories

High severity7.4NVD Advisory· Published Mar 16, 2017· Updated May 13, 2026

CVE-2017-5643

CVE-2017-5643

Description

Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.apache.camel:camel-coreMaven	< 2.17.6	2.17.6
org.apache.camel:camel-coreMaven	>= 2.18.0, < 2.18.2	2.18.2

Affected products

11

Apache/Camel10 versions
cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*range: <=2.16.0
- cpe:2.3:a:apache:camel:2.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.17.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.17.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.17.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.17.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.18.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.18.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:camel:2.18.2:*:*:*:*:*:*:*
Apache Software Foundation/Apache Camelv5
Range: 2.17.0 to 2.17.5

Patches

3

2c6964ae94d8

https://github.com/apache/camelvia ghsa

8afc5d175779

https://github.com/apache/camelvia ghsa

9f7376abbff7

https://github.com/apache/camelvia ghsa

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

13

camel.apache.org/security-advisories.data/CVE-2017-5643.txt.ascnvdVendor AdvisoryWEB
www.securityfocus.com/bid/97226nvdThird Party AdvisoryVDB EntryWEB
access.redhat.com/errata/RHSA-2017:1832nvdThird Party AdvisoryWEB
github.com/advisories/GHSA-vq9j-jh62-5hmpghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2017-5643ghsaADVISORY
github.com/apache/camel/commit/2c6964ae94d8f9a9c9a32e5ae5a0b794e8b8d3beghsaWEB
github.com/apache/camel/commit/8afc5d1757795fde715902067360af5d90f046daghsaWEB
github.com/apache/camel/commit/9f7376abbff7434794f2c7c2909e02bac232fb5bghsaWEB
issues.apache.org/jira/browse/CAMEL-10894ghsaWEB
lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3EghsaWEB
lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3EghsaWEB
lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3Envd
lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3Envd

News mentions

0

No linked articles in our index yet.