12 matches found
CVE-2026-46592
Summary: Apache Camel Camel-CXF SOAP component is affected by an improper input validation vulnerability where operationName/operationNamespace headers bypass header filtering, allowing an HTTP client to redirect the SOAP operation invoked by the backend service (a confusing-deputy). Impact (as s...
org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (=1.3.0) +2 more potentially affected by CVE-2026-49157 via org.apache.activemq:apache-activemq (=5.0.0)
org.apache.activemq:apache-activemq MAVEN version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.activemq:apache-activemq and may be impacted: - org.apache.axis2:axis2-integration =1.4 - org.apache.camel:camel-example-cxf =1.3.0 -...
de.ikor.sip.foundation:sip-integration-starter (>=2.4.0 <=3.2.0), de.ikor.sip.foundation:sip-soap-starter (>=3.0.0 <=3.2.0) +45 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-cxf-transport (>=3.18.0 <=4.14.5)
org.apache.camel:camel-cxf-transport MAVEN version =3.18.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =2.0.1, =2.0.1, =4.0.0.Beta1, =4.0.0.Beta1, =4.1.3, =4.0.0.Beta1, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =0.1.0, =4.14.5 and more Source cves: CVE-2026-47323 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16787112...
org.apache.camel.kafkaconnector:camel-cxf-kafka-connector (>=3.18.1 <=3.21.0), org.apache.camel.kafkaconnector:camel-cxfrs-kafka-connector (>=3.18.1 <=4.14.5) +16 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-cxf-rest (>=3.18.0 <=4.14.5)
org.apache.camel:camel-cxf-rest MAVEN version =3.18.0, =3.18.1, =3.18.1, =3.18.1, =3.18.1, =4.10.3, =3.18.0, =4.10.3, =4.10.7, =3.18.0, =3.18.0, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2024-05-RT - org.talend.esb.locator.service:locator-soap-service =$%7Brevision%7D an...
org.apache.camel.kafkaconnector:camel-cxf-kafka-connector (>=3.18.1 <=3.21.0), org.apache.camel.kafkaconnector:camel-cxfrs-kafka-connector (>=3.18.1 <=4.14.5) +16 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-cxf-rest (>=3.18.0 <=4.14.5)
org.apache.camel:camel-cxf-rest MAVEN version =3.18.0, =3.18.1, =3.18.1, =3.18.1, =3.18.1, =4.10.3, =3.18.0, =4.10.3, =4.10.7, =3.18.0, =3.18.0, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2024-05-RT - org.talend.esb.locator.service:locator-soap-service =$%7Brevision%7D an...
Camel-CXF and Camel-Knative Message Header are Vulnerable to Injection via Missing Inbound Filtering
Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFilterStrategy in camel-cxf-transport, and KnativeHttpHeaderFilterStrategy in camel-knative-http only...
CVE-2026-47323
Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFilterStrategy in camel-cxf-transport, and KnativeHttpHeaderFilterStrategy in camel-knative-http only...
CVE-2026-47323 Apache Camel: Camel-CXF Message Header Injection via Missing Inbound Filtering
Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFilterStrategy in camel-cxf-transport, and KnativeHttpHeaderFilterStrategy in camel-knative-http only...
CVE-2026-47323 Apache Camel: Camel-CXF Message Header Injection via Missing Inbound Filtering
Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFilterStrategy in camel-cxf-transport, and KnativeHttpHeaderFilterStrategy in camel-knative-http only...
PT-2026-41898
Name of the Vulnerable Software and Affected Versions Apache Camel affected versions not specified Description An unauthenticated attacker can perform message header injection due to missing inbound filtering in the CxfRsHeaderFilterStrategy and Knative HeaderFilterStrategy implementations. This...
org.apache.camel:camel-cxf (>=2.9.0 <=2.9.0-RC1), org.apache.camel:camel-example-cxf (>=2.9.0 <=2.9.0-RC1) +117 more potentially affected by CVE-2012-5575 via org.apache.cxf:cxf-rt-transports-http (>=2.5.0 <=2.5.1)
org.apache.cxf:cxf-rt-transports-http MAVEN version =2.5.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =2.5.1 and more Source cves: CVE-2012-5575 Source advisory: OSV:GHSA-7V5V-9V8R-W864...
org.apache.camel:camel-cxf (>=2.9.0 <=2.9.0-RC1), org.apache.camel:camel-example-cxf (>=2.9.0 <=2.9.0-RC1) +31 more potentially affected by CVE-2013-2160 via org.apache.cxf:cxf-rt-frontend-jaxrs (>=2.5.0 <=2.5.1)
org.apache.cxf:cxf-rt-frontend-jaxrs MAVEN version =2.5.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =2.5.1 and more Source cves: CVE-2013-2160 Source advisory: OSV:GHSA-254Q-RP36-V2M8...