3 matches found
CVE-2026-56140
Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...
CVE-2026-33453
The CVE-2026-33453 issue affects Apache Camel’s camel-coap component, enabling header injection via CoAP URI query parameters. The camel-coap handler copies incoming CoAP URI query params directly into Camel Exchange In headers without a HeaderFilterStrategy, allowing an unauthenticated attacker ...
CVE-2026-40453
The fix for CVE-2025-27636 added setLowerCasetrue to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCasetrue call was not applied to five non-HTTP HeaderFilterStrategy...