EUVD-2018-0619

Malware in sbrugna...

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization. De-serializing untrusted data can lead to security flaws...

GHSA-HVPR-9CR6-Q5V7 Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization. De-serializing untrusted data can lead to security flaws...

org.apache.camel:camel-snakeyaml-starter (>=2.18.0 <=2.18.1) potentially affected by CVE-2017-3159 via org.apache.camel:camel-snakeyaml (>=2.18.0 <=2.18.1)

org.apache.camel:camel-snakeyaml MAVEN version =2.18.0, =2.18.0, =2.18.1 Source cves: CVE-2017-3159 Source advisory: OSV:GHSA-HVPR-9CR6-Q5V7...

camel-snakeyaml: Unmarshalling operation is vulnerable to RCE

It was found that the camel-snakeyaml component is exploitable for code execution. An attacker could use this vulnerability to send specially crafted payload to a camel-snakeyaml endpoint and causing a remote code execution attack...

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R2 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVE-2017-3159

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

Design/Logic Flaw

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

CVE-2017-3159

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

CVE-2017-3159

CVE-2017-3159 affects Apache Camel's camel-snakeyaml component, enabling Java deserialization that can lead to remote code execution when untrusted data is deserialized. The NVD entry assigns a high/critical impact (CVSS v3 base 9.8, NETWORK/LOW complexity, no authentication) with potential execu...

CVE-2017-3159

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...

Remote Code Execution (RCE)

Apache Camel's camel-snakeyaml component is vulnerable to remote code execution through a Java object deserialization vulnerability. It is possible to deserialize untrusted data in an unmarshalling operation that leads to remote code execution...

CVE-2017-3159

It was found that the camel-snakeyaml component is exploitable for code execution. An attacker could use this vulnerability to send specially crafted payload to a camel-snakeyaml endpoint and causing a remote code execution attack...