Lucene search
K

5 matches found

NVD
NVD
added 5 hours ago4 views

CVE-2026-48204

Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...

Exploits0References2
Cvelist
Cvelist
added 6 hours ago4 views

CVE-2026-48204 Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configuration

Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...

Exploits0References1
EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-41839

Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...

6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 hours ago2 views

CVE-2026-48204

Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...

6AI score
Exploits0References2Affected Software1
CVE
CVE
added 6 hours ago4 views

CVE-2026-48204

The CVE relates to Apache Camel’s Camel-MongoDB-GridFS component. The gridfs.* control headers (gridfs.operation, gridfs.objectid, gridfs.metadata, etc.) bypass the HTTP header filter and allow an unauthenticated HTTP client to override the GridFS operation when no explicit operation is set, pote...

6AI score
Exploits0References2
Rows per page
Query Builder