5 matches found
org.apache.camel:camel-snakeyaml-starter (>=2.18.0 <=2.18.1) potentially affected by CVE-2017-3159 via org.apache.camel:camel-snakeyaml (>=2.18.0 <=2.18.1)
org.apache.camel:camel-snakeyaml MAVEN version =2.18.0, =2.18.0, =2.18.1 Source cves: CVE-2017-3159 Source advisory: OSV:GHSA-HVPR-9CR6-Q5V7...
CVE-2017-3159
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...
CVE-2017-3159
CVE-2017-3159 affects Apache Camel's camel-snakeyaml component, enabling Java deserialization that can lead to remote code execution when untrusted data is deserialized. The NVD entry assigns a high/critical impact (CVSS v3 base 9.8, NETWORK/LOW complexity, no authentication) with potential execu...
CVE-2017-3159
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws...
CVE-2017-3159
It was found that the camel-snakeyaml component is exploitable for code execution. An attacker could use this vulnerability to send specially crafted payload to a camel-snakeyaml endpoint and causing a remote code execution attack...