Deserialization Of Untrusted Data
Apache Camel is vulnerable to Unsafe Deserialization. The vulnerability is due to deserialization of untrusted data in ConsulRegistryUtils.deserialize using ObjectInputStream.readObject without applying an ObjectInputFilter, allowing attackers with write access to the Consul KV store to inject...