CVE-2017-12634: camel-castor: Apache Camel's Castor unmarshalling operation is vulnerable to Remote Code Execution attacks

Severity: Critical

CVSS Score: 9.8

The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is affected by a Java object deserialization vulnerability. Deserializing untrusted data can lead to security flaws.
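
The following is an added example, not part of the advisory or of the Apache Camel project: it classifies a `camel-castor` version against the affected ranges stated above and scans a Maven `pom.xml` for that dependency. The sample POM is constructed, the function names are hypothetical, and reporting qualified versions (snapshots, vendor builds) and versions outside 2.x as "unknown" is an assumption of this example.

```python
import re
import xml.etree.ElementTree as ET

FIXED_2_19 = (2, 19, 4)   # advisory: 2.x before 2.19.4 is affected
FIXED_2_20 = (2, 20, 1)   # advisory: 2.20.x before 2.20.1 is affected

# Constructed sample POM; parse only POM files from your own source tree.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><camel.version>2.19.3</camel.version></properties>
  <dependencies>
    <dependency><groupId>org.apache.camel</groupId><artifactId>camel-castor</artifactId>
      <version>${camel.version}</version></dependency>
    <dependency><groupId>org.apache.camel</groupId><artifactId>camel-core</artifactId>
      <version>${camel.version}</version></dependency>
  </dependencies>
</project>"""

def classify(version_text):
    """Return 'affected', 'not-affected' or 'unknown' for a camel-castor version."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?", version_text.strip())
    if not m:
        return "unknown"   # unresolved ${property}, snapshot or vendor build: check by hand
    v = tuple(int(g or 0) for g in m.groups())
    if v[0] != 2:
        return "unknown"   # the advisory text only covers 2.x
    fixed = FIXED_2_20 if v[:2] == (2, 20) else FIXED_2_19
    return "affected" if v < fixed else "not-affected"

def scan_pom(pom_xml):
    """Return [(resolved_version, status)] for each camel-castor dependency in the POM."""
    root = ET.fromstring(pom_xml)
    for el in root.iter():
        el.tag = el.tag.split("}", 1)[-1]          # drop the Maven XML namespace
    props = {p.tag: (p.text or "").strip() for p in root.findall("properties/*")}
    findings = []
    for dep in root.iter("dependency"):            # includes dependencyManagement entries
        if dep.findtext("artifactId", "").strip() != "camel-castor":
            continue
        raw = dep.findtext("version", "").strip()
        ref = re.fullmatch(r"\$\{(.+)\}", raw)     # version given as a ${property}
        resolved = props.get(ref.group(1), raw) if ref else raw
        findings.append((resolved, classify(resolved)))
    return findings

if __name__ == "__main__":
    for version, status in scan_pom(SAMPLE_POM):
        print(f"camel-castor {version}: {status}")
```

A version inherited from a parent POM or BOM is not resolved here and is reported as "unknown"; resolve it with the build tool before relying on the result.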