Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

EUVD-2018-0701

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType 
euvd
 euvd🔗 euvd.enisa.europa.eu👁 1 Views

Apache Camel's Jackson and JacksonXML unmarshalling can lead to Remote Code Execution vulnerabilities.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
CNVD		Multiple Remote Code Execution Vulnerabilities in Apache Camel Java Deserialization
30 Mar 201700:00
cnvd
CVE		CVE-2016-8749
28 Mar 201718:00
cve
Cvelist		CVE-2016-8749
28 Mar 201718:00
cvelist
Github Security Blog		Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks
16 Oct 201823:13
github
Imperva Blog		Deserialization Attacks Surge Motivated by Illegal Crypto-mining
24 Jan 201817:45
impervablog
NVD		CVE-2016-8749
28 Mar 201718:59
nvd
OSV		CVE-2016-8749
28 Mar 201718:59
osv
OSV		GHSA-VVJC-Q5VR-52Q6 Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks
16 Oct 201823:13
osv
Prion		Remote code execution
28 Mar 201718:59
prion
RedhatCVE		CVE-2016-8749
9 Feb 201715:48
redhatcve
Rows per page
[
  {
    "enisaIdVendor": [
      {
        "id": "7baf9f6b-5228-3413-9306-c278df296722",
        "vendor": {
          "name": "Apache Software Foundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "8db7ae7e-da76-3db0-982f-09e8a2855be8",
        "product": {
          "name": "Apache Camel"
        },
        "product_version": "2.16.0 to 2.16.4"
      },
      {
        "id": "b137cb39-1a46-3611-b406-bf68c2dbd5f5",
        "product": {
          "name": "Apache Camel"
        },
        "product_version": "2.17.0 to 2.17.4"
      },
      {
        "id": "d81e24c4-b38c-38e0-9013-cd13aa010ae4",
        "product": {
          "name": "Apache Camel"
        },
        "product_version": "The unsupported Camel 2.x (2.14 and earlier) versions may be also affected."
      },
      {
        "id": "ea3395df-db06-3cf1-ae76-5a256c14fae6",
        "product": {
          "name": "Apache Camel"
        },
        "product_version": "2.18.0 to 2.18.1"
      }
    ]
  }
]
SourceLink
nvdwww.nvd.nist.gov/vuln/detail/CVE-2016-8749
githubwww.github.com/apache/camel/commit/10f552643d7e4565104d142bbc160db5a30f9f7e
githubwww.github.com/apache/camel/commit/235036d2396ae45b6809b72a1983dee33b5ba326
githubwww.github.com/apache/camel/commit/2b0e96117d6f01eba0c18e2ff8df6a438e819721
githubwww.github.com/apache/camel/commit/57d01e2fc8923263df896e9810329ee5b7f9b69e
githubwww.github.com/apache/camel/commit/5ae9c0dcc4843347cd01ffb58ce5dd0687755a14
githubwww.github.com/apache/camel/commit/7567488f844f01d72840f7ab6ca18114a11f20d8
githubwww.github.com/apache/camel/commit/83fef7108456eeac1506853d194cd1360851c4fe
githubwww.github.com/apache/camel/commit/881e5099f94316d4a66ffbff0a3e6915829d49d7
githubwww.github.com/apache/camel/commit/8c862aa11e31d0f804c4a4516a0715e05e3eebcf
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Oct 2025 00:30Current
9.3High risk
Vulners AI Score9.3
CVSS 39.8
CVSS 27.5
EPSS0.12248
apache camelremote code executionjacksonjacksonxmlvulnerabilities
1