9 matches found
Sensitive Information Exposure
Apache Camel Undertow Component is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception responses, where processing errors return full Java stack traces instead of suppressing them, allowing attackers to obtain sensitive information such as...
CVE-2026-56139
A flaw was found in the Apache Camel Undertow component. The camel-undertow HTTP server consumer, when processing errors, could return full Java stack traces in HTTP responses. This occurs because the muteException option, which controls what is returned to the client during errors, defaulted to...
CVE-2026-56139
Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...
CVE-2026-56139
CVE-2026-56139 concerns Apache Camel Undertow: the muteException option on the Undertow HTTP server consumer defaulted to false, causing processing errors to return the full Java stack trace in HTTP responses. This exposed sensitive information (credentials in messages, host/IPs, filesystem paths...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.12 (RHSA-2026:3889)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3889 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to the custom UndertowHeaderFilterStrategy only filtering outgoing and not incoming headers. An attacker can manipulate header entries to invoke arbitrary methods from the Bean registry or use...
Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
Apache Camel 安全漏洞
Apache Camel is an open source integration framework based on the Enterprise Integration Pattern EIP from the Apache Foundation in the United States. The framework provides an implementation of the Enterprise Integration Pattern Java objects POJO , and through the application program interface to...