Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.

Affected Packages

Maven org.apache.camel:camel-core

Affected versions: 2.21.0 (fixed in 2.21.5)

Maven org.apache.camel:camel-core

Affected versions: 2.22.0 (fixed in 2.22.3)

Maven org.apache.camel:camel-core

Affected versions: 2.23.0 (fixed in 2.23.1)

Related CVEs

CVE-2019-0194

Key Information

GHSA ID

GHSA-4wjq-69rc-8wcp

Published

May 2, 2019 3:21 PM

Last Modified

November 17, 2022 5:45 PM

CVSS Score

7.5 /10

Primary Ecosystem

Maven

Primary Package

org.apache.camel:camel-core

GitHub Reviewed

✓ Yes

Dataset

Last updated: September 12, 2025 6:34 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.