Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.12 views

Apache Camel: camel-jms: camel-sjms: camel-sjms2: camel-amqp: camel-activemq: camel-activemq6: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage

A flaw was found in Apache Camel. A remote attacker could exploit a deserialization vulnerability by sending a specially crafted Java Message Service JMS ObjectMessage to a Camel application acting as a JMS consumer. This vulnerability arises because the application deserializes the message paylo...

9.8CVSS6.4AI score0.00881EPSS
Exploits2References6
vulnersOsv
vulnersOsv
added 2026/04/27 10:15 a.m.9 views

org.apache.camel.kafkaconnector:camel-sjms-batch-kafka-connector (>=0.1.0 <=0.11.0), org.apache.camel.kafkaconnector:camel-sjms-kafka-connector (>=0.1.0 <=0.11.5) +21 more potentially affected by CVE-2026-40453 via org.apache.camel:camel-sjms (>=3.0.0-M1 <=4.14.5)

org.apache.camel:camel-sjms MAVEN version =3.0.0-M1, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =4.10.3, =1.0.0, =2.2.0, =1.0.0-M1, =2.2.0, =2.2.0, =2.2.0, =2.2.0, =3.19.0, =1.0.0, =3.2...

9.9CVSS5.8AI score0.0086EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/27 10:14 a.m.9 views

org.apache.camel.kafkaconnector:camel-sjms-batch-kafka-connector (>=0.1.0 <=0.11.0), org.apache.camel.kafkaconnector:camel-sjms-kafka-connector (>=0.1.0 <=0.11.5) +21 more potentially affected by CVE-2026-40860 via org.apache.camel:camel-sjms (>=3.0.0-M1 <=4.14.6)

org.apache.camel:camel-sjms MAVEN version =3.0.0-M1, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =4.10.3, =1.0.0, =2.2.0, =1.0.0-M1, =2.2.0, =2.2.0, =2.2.0, =2.2.0, =3.19.0, =1.0.0, =3.2...

9.8CVSS5.8AI score0.00881EPSS
Exploits2
Snyk
Snyk
added 2026/04/27 10:14 a.m.7 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the JmsBinding.extractBodyFromJms function in camel-jms and it's equivalents in camel-sjms that does not apply any ObjectInputFilter. An attacker can execute arbitrary code by sending a crafted JMS...

9.8CVSS6.2AI score0.00881EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2026/04/27 9:34 a.m.9 views

org.apache.camel.kafkaconnector:camel-sjms-batch-kafka-connector (>=0.1.0 <=0.11.0), org.apache.camel.kafkaconnector:camel-sjms-kafka-connector (>=0.1.0 <=0.11.5) +19 more potentially affected by CVE-2026-40453 via org.apache.camel:camel-sjms (>=3.0.0 <=4.14.5)

org.apache.camel:camel-sjms MAVEN version =3.0.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =4.10.3, =1.0.0, =2.2.0, =1.0.0-M1, =2.2.0, =2.2.0, =2.2.0, =2.2.0, =3.19.0, =1.0.0, =3.27.3...

9.9CVSS5.4AI score0.0086EPSS
Exploits1
Rows per page
Query Builder