Lucene search
K

6 matches found

NVD
NVD
added 6 hours ago4 views

CVE-2026-46456

Improper Input Validation vulnerability in Apache Camel AWS2-SQS Component. The camel-aws2-sqs component map inbound message attributes into the Camel Exchange through a component-specific HeaderFilterStrategy. Sqs2HeaderFilterStrategy configured only an outbound filter setOutFilterPattern, which...

Exploits0References2
Cvelist
Cvelist
added 7 hours ago4 views

CVE-2026-49099 Apache Camel Salesforce: Non-Camel-prefixed Exchange header constants bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection', Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel Salesforce Component. The camel-salesforce producer resolves its operation parameters - the SOQL query, the SOSL search,...

Exploits0References1
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-41842

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel DAPR component. The camel-dapr Dapr Pub/Sub consumer DaprPubSubConsumer copied two fields from each inbound CloudEvent - its Pub/Sub component name and its topic - into the...

6AI score
Exploits0References1
Cvelist
Cvelist
added 7 hours ago4 views

CVE-2026-46726 Apache Camel Vertx Websocket: The inbound consumer maps externally-supplied WebSocket query and path parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery SSRF vulnerability in Apache Camel in Vertx Websocket component. The camel-vertx-websocket consumer mapped inbound WebSocket query and path parameters into the Camel Exchange header...

Exploits0References1
ATTACKERKB
ATTACKERKB
added 7 hours ago3 views

CVE-2026-46454

Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...

6.1AI score
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.32 views

Apache Camel 安全漏洞

Apache Camel is an open source integration framework based on the Enterprise Integration Pattern EIP from the Apache Foundation in the United States. The framework provides an implementation of the Enterprise Integration Pattern's Java Objects POJOs and configures rules for routing and brokering...

5.6CVSS6.6AI score0.79817EPSS
Exploits4References2
Rows per page
Query Builder