com.zerotoheroes:hs-draft-odds (>=1.0.0 <=1.0.2), com.zerotoheroes:hs-game-converter (>=1.0.0 <=1.0.12) +32 more potentially affected by CVE-2016-8749 via org.apache.camel:camel-jackson (>=2.17.0 <=2.17.4)

org.apache.camel:camel-jackson MAVEN version =2.17.0, =1.0.0, =1.0.0, =1.0.1, =1.0.1, =1.0.7, =1.1.0, =2.2.105, =2.2.105, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.7 and more Source cves: CVE-2016-8749 Source advisory: OSV:GHSA-VVJC-Q5VR-52Q6...

CVE-2016-8749

Apache Camel (camel-jackson and camel-jacksonxml) is affected by CVE-2016-8749 due to unsafe Java object deserialization during Jackson/JacksonXML unmarshalling, enabling remote code execution. The issue is documented across multiple feeds (GHSA and Red Hat advisories) and affects Camel component...