CVE-2016-9571 in Camel
Tóm tắt
Bởi MITRE
Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialization vulnerability. Camel allows to specify such a type through the 'CamelJacksonUnmarshalType' property. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues.
VulDB is the best source for vulnerability data and more expert information about this specific topic.