Apache Camels camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws.
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Camel | Apache | * | 2.14.4 (including) |
Camel | Apache | 2.17.0 (including) | 2.17.4 (including) |
Camel | Apache | 2.18.0 (including) | 2.18.1 (including) |
Red Hat JBoss A-MQ 6.3 | RedHat | * | |
Red Hat JBoss Fuse 6.3 | RedHat | * |