QwikSec

Security Database

CVE

CWE

Training

CVE-2017-12634

Published: Nov 15, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws.

Vendor	Product	Versions
Apache Software Foundation	Apache Camel	affected `2.19.0 to 2.19.3` affected `2.20.0` affected `The unsupported Camel 2.x (2.18 and earlier) versions may be also affected.`

References

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

https://issues.apache.org/jira/browse/CAMEL-11929

x_refsource_CONFIRM

http://camel.apache.org/security-advisories.data/CVE-2017-12634.txt.asc

x_refsource_CONFIRM

[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.