5 matches found
Apache Camel 4.8.0 < 4.8.6 / 4.10.0 < 4.10.3 â Camel-Undertow Bypass/Injection Vulnerability (CVE-2025-30177)
This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. It is, therefore, affected by a message header injection vulnerability: - Bypass/Injection vulnerability in Apache Camel components under particular conditions. In particular the custom header filter strategy use...
CVE-2025-30177
A flaw was found in the Apache Camel Undertow component. This vulnerability allows an attacker to inject Camel-specific headers via the inbound request, which can alter the behavior of certain Camel components such as camel-bean and camel-exec. This issue occurs due to the custom header filter...
CVE-2025-30177
creationtimestamp| type| source ---|---|--- 2025-04-01 12:32:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9877 2025-04-01 16:23:16+00:00| seen| https://t.me/cvedetector/21751 2025-04-01 17:12:07+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3llrelh3qc72j 2026-04-26...
CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177
Apache Camel vulnerability CVE-2025-30177 affects Camel-Undertow in Camel versions 4.10.0–4.10.3 and 4.8.0–4.8.6, where the DefaultHeaderFilterStrategy is insufficiently filtering incoming headers. The issue allows Camel-specific headers to bypass the header filter (notably in the Camel-Undertow ...