Sim Yih Tsern

**Name of the Vulnerable Software and Affected Versions** Apache Camel versions 2.6.x through 2.14.x Apache Camel versions 2.15.x before 2.15.5 Apache Camel versions 2.16.x before 2.16.1 **Description** The issue allows remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request when using camel-jetty or camel-servlet as a consumer in Camel routes. **Recommendations** For Apache Camel versions 2.6.x through 2.14.x, update to a version outside of this range to resolve the issue. For Apache Camel versions 2.15.x before 2.15.5, update to version 2.15.5 or later. For Apache Camel versions 2.16.x before 2.16.1, update to version 2.16.1 or later.