5 matches found
EUVD-2018-0701
Malware in sbrugna...
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks
Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. Camel allows to specify such a type through the 'CamelJacksonUnmarshalType' property. De-serializing untrusted data can lead to security flaws as demonstrated in various...
Multiple Remote Code Execution Vulnerabilities in Apache Camel Java Deserialization
Apache Camel is the United States Apache Apache Software Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern, referred to as EIP integration framework. The framework provides Enterprise Integration Pattern Java objects POJO implementation , an...
CVE-2016-8749
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks...
CVE-2016-8749
Apache Camel (camel-jackson and camel-jacksonxml) is affected by CVE-2016-8749 due to unsafe Java object deserialization during Jackson/JacksonXML unmarshalling, enabling remote code execution. The issue is documented across multiple feeds (GHSA and Red Hat advisories) and affects Camel component...