Description
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.
Remediation
References
http://www.securityfocus.com/bid/100936
https://pivotal.io/security/cve-2017-8045
Related Vulnerabilities
CVE-2022-35916 Vulnerability in npm package @openzeppelin/contracts-upgradeable
CVE-2021-21295 Vulnerability in maven package io.netty:netty-codec-http2
CVE-2014-3623 Vulnerability in maven package org.apache.cxf:cxf-rt-security
CVE-2016-10624 Vulnerability in npm package selenium-chromedriver
CVE-2017-16042 Vulnerability in maven package org.webjars.npm:growl