Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache camel |
||
oracle communications diameter signaling router |
||
oracle enterprise manager base platform 13.3.0.0 |
||
oracle enterprise manager base platform 13.4.0.0 |
||
oracle flexcube private banking 12.0.0 |
||
oracle flexcube private banking 12.1.0 |