DescriptionHooman Broujerdi
2018-08-06 03:37:07 UTC
It was found that apache camel-mail is vulnerable to path traversal vulnerability when in the position of receiving MUA. While camel-mail does not write the attachment to an arbitrary paths, it does not prevent user code from utilizing this functionality to be exposed to such vulnerability.
(In reply to Hooman Broujerdi from comment #1)
> Acknowledgments:
>
> Name: Zoran Regvart (Red Hat)
Minor correction, this was reported to Apache Camel by Shapira, Eedo (GE Digital).