4 matches found
org.apache.camel:camel-castor-starter (=2.20.0) potentially affected by CVE-2017-12634 via org.apache.camel:camel-castor (=2.20.0)
org.apache.camel:camel-castor MAVEN version =2.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-castor and may be impacted: - org.apache.camel:camel-castor-starter =2.20.0 Source cves: CVE-2017-12634 Source advisory:...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R6 security and bug fix update
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
CVE-2017-12634
The camel-castor component in Apache Camel 2.x is vulnerable to Java object deserialization (CVE-2017-12634). Affected versions are 2.x before 2.19.4 and 2.20.x before 2.20.1. Deserializing untrusted data can lead to security flaws, including potential Remote Code Execution. The CVSSv3 base score...
CVE-2017-12634
It was found that Apache Camel contains a security vulnerability via camel-castor component. An attacker can utilize this flaw to deserialize a malicious object on the target machine which could lead to Remote Code Execution RCE...