Lucene search
K

498 matches found

Chainguard
Chainguard
added 6 days ago6 views

GHSA-2R2C-CX56-8933 vulnerabilities

Vulnerabilities for packages: apache-pulsar, spark-kubernetes-operator, zookeeper-fips, zookeeper, apache-pulsar-fips, druid, hadoop-client-modules, apache-camel-karavan-devmode, apache-hop-fips, apache-hop, spark-kubernetes-operator-fips, apache-nifi, kafka...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 6 days ago9 views

Apache Camel 4.14.x < 4.14.6 / 4.15.x < 4.18.1 RCE (CVE-2026-33453)

The version of Apache Camel on the remote host is 4.14.x prior to 4.14.6 or 4.15.x through 4.18.x prior to 4.18.1. It is, therefore, affected by a remote code execution vulnerability: - The camel-coap component maps incoming CoAP request URI query parameters directly into Camel Exchange In messag...

10CVSS6.6AI score0.06157EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/17 11:5 p.m.16 views

Important: Red Hat Security Advisory: Red Hat build of Apache Camel 4.18 for Quarkus 3.33 security update

A security update for Red Hat build of Apache Camel 4.18 for Quarkus 3.33 is now available. This text-only errata provides information about enhancements that improve your developer experience and ensure the security and stability of your applications. Red Hat Product Security has rated this upda...

10CVSS5.4AI score0.00665EPSS
Exploits1References16
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.15 views

Important: Red Hat Security Advisory: HawtIO 4.4.0 for Red Hat build of Apache Camel 4 Release and security update.

HawtIO 4.4.0 for Red Hat build of Apache Camel 4 GA Release is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update ...

10CVSS7.3AI score0.01945EPSS
Exploits10References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-45760

Externally Controlled Reference to a Resource in Another Sphere, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the...

8.1CVSS5.4AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/04 4:22 a.m.9 views

CVE-2026-47323

A flaw was found in Apache Camel. An unauthenticated attacker could inject Camel-internal headers via HTTP requests to CXF-RS or CXF-SOAP endpoints due to missing inbound filtering in the HeaderFilterStrategy implementations. This allows the attacker to override configured values when messages ar...

9.8CVSS6.4AI score0.01425EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/02 11:27 a.m.10 views

Apache Camel: camel-jms: camel-sjms: camel-sjms2: camel-amqp: camel-activemq: camel-activemq6: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage

A flaw was found in Apache Camel. A remote attacker could exploit a deserialization vulnerability by sending a specially crafted Java Message Service JMS ObjectMessage to a Camel application acting as a JMS consumer. This vulnerability arises because the application deserializes the message paylo...

9.8CVSS6.4AI score0.00881EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/02 11:27 a.m.9 views

org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data

A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...

8.8CVSS6.3AI score0.00711EPSS
Exploits1References5
OSV
OSV
added 2026/05/21 3:34 p.m.3 views

GHSA-Q8CH-JX67-Q52X Apache Camel K: Kubernetes namespace authorized users can create a Build resource

Externally Controlled Reference to a Resource in Another Sphere, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the...

8.1CVSS5.8AI score0.00325EPSS
Exploits0References10
NVD
NVD
added 2026/05/21 1:16 p.m.24 views

CVE-2026-45760

Externally Controlled Reference to a Resource in Another Sphere, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the...

8.1CVSS0.00325EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 11:43 a.m.6 views

CVE-2026-45760

Externally Controlled Reference to a Resource in Another Sphere, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the...

5.8AI score0.00325EPSS
Exploits0References2Affected Software1
Chainguard
Chainguard
added 2026/05/21 1:17 a.m.12 views

CVE-2026-40022 vulnerabilities

Vulnerabilities for packages: apache-camel-karavan-devmode...

8.2CVSS5.8AI score0.00622EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/21 1:17 a.m.10 views

GHSA-27VM-5VPJ-RP5G vulnerabilities

Vulnerabilities for packages: apache-camel-karavan-devmode...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.18 views

PT-2026-42459

Name of the Vulnerable Software and Affected Versions Apache Camel K versions 2.0.0 through 2.8.0 Apache Camel K versions 2.9.0 through 2.9.1 Apache Camel K versions 2.10.0 Description Authorized users in a Kubernetes namespace can create a Build resource to control Pod generation in a namespace ...

8.1CVSS5.8AI score0.00325EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2026/05/20 8:47 p.m.19 views

Critical: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP2)

An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.SP2. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

9.9CVSS5.8AI score0.0086EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/05/20 8:47 p.m.12 views

Apache Camel: org.apache.camel: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection

A flaw was found in Apache Camel. A remote attacker with Java Message Service JMS producer access could exploit a vulnerability in how certain header filter strategies process case-variant internal headers. This discrepancy, where filtering is case-sensitive but header processing is not, allows f...

9.9CVSS6.4AI score0.0086EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Apache Camel 安全漏洞

Apache Camel is an open-source integration framework based on the Enterprise Integration Pattern EIP, developed by the Apache Foundation in the United States. This framework provides implementations of Java objects following the EIP pattern and allows routing and mediation rules to be configured...

9.8CVSS6.5AI score0.01425EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.10 views

camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers

A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...

8.2CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.9 views

Apache Camel: camel-coap: Apache Camel camel-coap: Remote code execution via CoAP URI query parameter injection

A flaw was found in Apache Camel's camel-coap component. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted CoAP Constrained Application Protocol UDP User Datagram Protocol packet. The camel-coap component improperly processes URI query parameters,...

10CVSS6.4AI score0.06157EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.18 views

Apache Camel: org.apache.camel: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection

A flaw was found in Apache Camel. A remote attacker with Java Message Service JMS producer access could exploit a vulnerability in how certain header filter strategies process case-variant internal headers. This discrepancy, where filtering is case-sensitive but header processing is not, allows f...

9.9CVSS6.4AI score0.0086EPSS
Exploits0References5
Rows per page
Query Builder