25 matches found
CVE-2026-46454
Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...
CVE-2026-46454
Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...
CVE-2026-46454 Apache Camel: Camel-Cometd: Inbound Bayeux message headers are mapped into the Exchange without a HeaderFilterStrategy, allowing unauthenticated clients to inject Camel control headers
Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...
EUVD-2026-41828
Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...
CVE-2026-46454
The CVE-2026-46454 entry describes an improper input validation vulnerability in Apache Camel’s CometD binding. The issue arises because inbound Bayeux/CometD headers are mapped into the Camel Exchange without a HeaderFilterStrategy, copying the entire ext.CamelHeaders map onto the message. This ...
PT-2026-55889
Name of the Vulnerable Software and Affected Versions Apache Camel versions 4.0.0 through 4.14.7 Apache Camel versions 4.15.0 through 4.18.2 Apache Camel versions 4.19.0 through 4.20.9 Description Improper input validation in the Apache Camel Cometd component allows unauthenticated users to injec...
CVE-2025-53114
CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged...
CVE-2025-53114 CometD has acknowledgement extension out of memory
CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged...
CVE-2025-53114
CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged...
CVE-2025-53114
Affected software: CometD server implementations. A vulnerability arises when clients consistently set ext.ack to 1 during /meta/connect while the acknowledgement extension is enabled, causing the unacknowledged message queue to grow without bound and potentially trigger OutOfMemoryError. Affecte...
PT-2026-48527
Name of the Vulnerable Software and Affected Versions CometD versions 5.0.x CometD versions 6.0.x CometD versions 8.0.x Description Improper handling of the acknowledgement extension allows malicious clients to cause a server outage. By consistently sending a fixed batch value in the ext paramete...
EUVD-2022-1534
Malicious code in bioql PyPI...
Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
Summary BAYEUXBROWSER cookie is generated from Cometd Server and it remains live with the session. In older versions of cometd server, BAYEUXBROWSER cookie was neither true for https nor for secure. But in the current version ie. 5.0.3, there is a provision to make the cookie true for https and...
Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
Summary BAYEUXBROWSER cookie is generated from Cometd Server and it remains live with the session. In older versions of cometd server, BAYEUXBROWSER cookie was neither true for https nor for secure. But in the current version ie. 5.0.3, there is a provision to make the cookie true for https and...
CVE-2022-24721
A flaw was found in CometD’s Oort package. This flaw allows an attacker to monitor unauthorized channels when connected remotely...
Improper Authorization
org.cometd.java:cometd-java-oort is vulnerable to improper authorization. Remote attackers are able to subscribe and publish to Oort and Seti channels due to improper authorization, allowing interception of internal cluster traffic. As a result the remote attackers are able to create/modify/delet...
org.cometd:cometd-demo (>=1.0.0 <=5.0.10), org.cometd:cometd-documentation (=5.0.10) potentially affected by CVE-2022-24721 via org.cometd.java:cometd-java-oort (>=1.0.beta9 <=5.0.10)
org.cometd.java:cometd-java-oort MAVEN version =1.0.beta9, =1.0.0, =5.0.10 - org.cometd:cometd-documentation =5.0.10 Source cves: CVE-2022-24721 Source advisory: OSV:GHSA-RJMQ-6V55-4RJV...
org.cometd:cometd-demo (>=7.0.0 <=7.0.19), org.cometd:cometd-documentation (>=7.0.1 <=7.0.19) potentially affected by CVE-2022-24721 via org.cometd.java:cometd-java-oort (>=7.0.0 <=7.0.5)
org.cometd.java:cometd-java-oort MAVEN version =7.0.0, =7.0.0, =7.0.1, =7.0.19 Source cves: CVE-2022-24721 Source advisory: OSV:GHSA-RJMQ-6V55-4RJV...
org.cometd:cometd-demo (>=6.0.0 <=6.0.19), org.cometd:cometd-documentation (>=6.0.1 <=6.0.19) potentially affected by CVE-2022-24721 via org.cometd.java:cometd-java-oort (>=6.0.0 <=6.0.5)
org.cometd.java:cometd-java-oort MAVEN version =6.0.0, =6.0.0, =6.0.1, =6.0.19 Source cves: CVE-2022-24721 Source advisory: OSV:GHSA-RJMQ-6V55-4RJV...
CVE-2022-24721
CometD is a scalable comet implementation for web messaging. In any version prior to 5.0.11, 6.0.6, and 7.0.6, internal usage of Oort and Seti channels is improperly authorized, so any remote user could subscribe and publish to those channels. By subscribing to those channels, a remote user may b...