7 matches found
CVE-2026-46591
The connected CVE records describe an injection flaw in Apache Camel’s Neo4j component: JSON keys used as CamelNeo4jMatchProperties are interpolated into the Cypher WHERE clause without validation, while values are parameterized. This allows an attacker controlling the property names to inject Cy...
EUVD-2026-41835
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Apache Camel Neo4J component. The camel-neo4j producer builds the Cypher WHERE clause for its match/retrieve and delete operations from the CamelNeo4jMatchProperties map. CVE-2025-66169 addressed Cypher injection...
CVE-2025-66169
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
CVE-2025-66169
The CVE-2025-66169 entry concerns a Cypher Injection vulnerability in the Apache Camel camel-neo4j component. Affected versions are 4.10.0 before 4.10.8, 4.14.0 before 4.14.3, and 4.15.0 before 4.17.0. The underlying issue is improper handling of Cypher queries, leading to potential unauthorized ...
EUVD-2026-2447
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
CVE-2025-66169 Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
Apache Camel 安全漏洞
Apache Camel is the United States Apache Apache Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern , referred to as EIP integration framework. The framework provides an implementation of the Enterprise Integration Pattern Java objects POJO ,...