Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Camel 任意命令执行漏洞
Vulnerability Description
Apache Camel是美国阿帕奇(Apache)软件基金会的一套开源的基于Enterprise Integration Pattern(企业整合模式,简称EIP)的集成框架。该框架提供企业集成模式的Java对象(POJO)的实现,且通过应用程序接口来配置路由和中介的规则。 Apache Camel中存在安全漏洞。当在Camel路由中将camel-jetty或camel-servlet作为consumer使用时,远程攻击者可借助HTTP请求中特制的序列化Java对象利用该漏洞执行任意命令。以下版本受到影
CVSS Information
N/A
Vulnerability Type
N/A