3 matches found
CVE-2026-46453 Apache Camel: Camel-Elasticsearch-Rest-Client: Exchange header constants without the Camel prefix bypass inbound HTTP header filtering, allowing untrusted clients to override the Elasticsearch query and operation
Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel ElasticSearch Rest Client. The camel-elasticsearch-rest-client component reads several Exchange headers to control its behaviour - SEARCHQUERY an advanced query body, OPERATION which...
EUVD-2026-41827
Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel ElasticSearch Rest Client. The camel-elasticsearch-rest-client component reads several Exchange headers to control its behaviour - SEARCHQUERY an advanced query body, OPERATION which...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=5.7.9) +382 more potentially affected by CVE-2021-22145 via org.elasticsearch.client:elasticsearch-rest-client (>=7.10.0 <=7.13.3)
org.elasticsearch.client:elasticsearch-rest-client MAVEN version =7.10.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =5.7.9 and more Source cves: CVE-2021-22145 Source advisory: OSV:GHSA-Q394-H7F5-7F44...