CVE-2017-3159

Summary

Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Camel2.17.0 to 2.17.4affected
Apache Software FoundationApache Camel2.18.0 to 2.18.1affected
Apache Software FoundationApache CamelThe unsupported Camel 2.x (2.14 and earlier) versions may be also affected.affected

Weaknesses

  • Java deserialization

ADP Enrichment

CVE Program Container

Additional References

References