Maven/Org.apache.camel/Camel-Servlet | GitLab Advisory Database

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

Advisories for Maven/Org.apache.camel/Camel-Servlet package