org.apache.camel.karaf:camel-pqc (>=4.14.5 <=4.18.1), org.apache.camel.quarkus:camel-quarkus-pqc (>=3.24.0 <=3.33.0) +2 more potentially affected by CVE-2026-40048 via org.apache.camel:camel-pqc (>=4.12.0 <=4.18.1)

org.apache.camel:camel-pqc MAVEN version =4.12.0, =4.14.5, =3.24.0, =3.24.0, =4.12.0, =4.18.1 Source cves: CVE-2026-40048 Source advisory: OSV:GHSA-V3VG-332R-MW99...

SUSE CVE-2009-0587

Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...

org.apache.camel:camel-ahc-ws (=2.16.0) potentially affected by CVE-2015-5348 via org.apache.camel:camel-ahc (=2.16.0)

org.apache.camel:camel-ahc MAVEN version =2.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-ahc and may be impacted: - org.apache.camel:camel-ahc-ws =2.16.0 Source cves: CVE-2015-5348 Source advisory: OSV:GHSA-26V6-W6FW-RH94...

Evolution Data Server ntlm_challenge()内存内容泄露漏洞

BUGTRAQ ID: 34109 CVECAN ID: CVE-2009-0582 Evolution Data Server为地址簿、日历事件等常见的桌面信息提供单一的服务器。 Evolution Data Server所捆绑的Camel库没有正确地处理NTLM SASL报文。在camel/camel-sasl-ntlm.c的ntlmchallenge函数中，没有对从type 2拷贝到type 3报文（客户端对服务器挑战的响应）的域字符串长度验证从服务器所接收到的剩余数据： 127 ntlmsetstring ret, NTLMRESPONSEDOMAINOFFSET, 128...