Description
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.
Remediation
References
https://pivotal.io/security/cve-2017-8045
http://www.securityfocus.com/bid/100936
Related Vulnerabilities
CVE-2021-21605 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-24613 Vulnerability in maven package com.drewnoakes:metadata-extractor
CVE-2014-8110 Vulnerability in maven package org.apache.activemq:activemq-web-console
CVE-2016-3101 Vulnerability in maven package org.jenkins-ci.plugins:extra-columns
CVE-2023-30519 Vulnerability in maven package org.jenkins-ci.plugins:quayio-trigger