The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2016-02-03T15:00:00
Updated: 2019-05-24T10:06:04
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5344
JSON object: View
NVD Information
Status : Modified
Published: 2016-02-03T18:59:00.117
Modified: 2023-11-07T02:26:09.220
Link: CVE-2015-5344
JSON object: View
Redhat Information
No data.
CWE