Lucene search
+L

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/06 8:2 a.m.7 views

CVE-2026-46584

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component. The camel-mail producer MailProducer.getSender scanned the outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace and, when any were present...

6AI score0.00378EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/04/27 9:42 a.m.2 views

CVE-2026-33454 Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant)

The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component MailHeaderFilterStrategy only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilterStartsWith. As a...

9.4CVSS6AI score0.00621EPSS
Exploits1References9
CVE
CVE
added 2026/04/27 9:42 a.m.101 views

CVE-2026-33454

The CVE describes an inbound header filtering gap in Camel-Mail (MailHeaderFilterStrategy): inbound headers are not filtered, allowing attacker-delivered email to inject Camel-specific headers that can influence downstream components (e.g., camel-bean, camel-exec, camel-sql). Affected: Apache Cam...

9.4CVSS5.3AI score0.00621EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.12 views

Apache Camel 代码问题漏洞

Apache Camel is an open-source integration framework based on the Enterprise Integration Pattern EIP, developed by the Apache Foundation in the United States. This framework provides implementations of Java objects following the EIP pattern, and routing and mediation rules are configured through...

9.4CVSS5.9AI score0.00621EPSS
Exploits1References1
Rows per page
Query Builder