title: “Apache Camel Security Advisory - CVE-2018-8041” url: /security/CVE-2018-8041.html date: 2018-09-17T10:29:00.920000 draft: false type: security-advisory cve: CVE-2018-8041 severity: MEDIUM summary: “Apache Camel's Mail is vulnerable to path traversal” description: “Apache Camel's Mail is vulnerable to path traversal” mitigation: “2.20.x users should upgrade to 2.20.4, 2.21.0 users should upgrade to 2.21.2 and Camel 2.22.x users should upgrade to 2.22.1” credit: “This issue was discovered by Eedo Shapira from GE.” affected: 2.20.0 up to 2.20.3, 2.21.0 up to 2.21.1, 2.22.0 fixed: 2.20.4, 2.21.1, 2.22.1 and newer

The JIRA tickets: https://issues.apache.org/jira/browse/CAMEL-12630 refers to the various commits that resovoled the issue, and have more details.