9 matches found
The vulnerability of the Camel-Undertow component in the Java framework Apache Camel allows a attacker to influence the confidentiality and integrity of the protected information.
The vulnerability of the Camel-Undertow component in the Java framework Apache Camel is related to the lack of measures taken to neutralize its internal special elements. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected...
org.apache.camel.karaf:camel-undertow (>=4.8.1 <=4.8.5), org.apache.camel.springboot:camel-undertow-spring-security-starter (>=4.8.0 <=4.8.5) +3 more potentially affected by CVE-2025-27636 +2 more via org.apache.camel:camel-undertow (>=4.8.0 <=4.8.5)
org.apache.camel:camel-undertow MAVEN version =4.8.0, =4.8.1, =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.5 Source cves: CVE-2025-27636, CVE-2025-29891, CVE-2025-30177 Source advisory: OSV:GHSA-VQ4P-PCHP-6G6V...
org.apache.camel.karaf:camel-undertow (>=4.8.1 <=4.8.5), org.apache.camel.springboot:camel-undertow-spring-security-starter (>=4.8.0 <=4.8.5) +3 more potentially affected by CVE-2025-27636 +2 more via org.apache.camel:camel-undertow (>=4.8.0 <=4.8.5)
org.apache.camel:camel-undertow MAVEN version =4.8.0, =4.8.1, =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.5 Source cves: CVE-2025-27636, CVE-2025-29891, CVE-2025-30177 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-9598038...
GHSA-VQ4P-PCHP-6G6V Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177
Apache Camel vulnerability CVE-2025-30177 affects Camel-Undertow in Camel versions 4.10.0–4.10.3 and 4.8.0–4.8.6, where the DefaultHeaderFilterStrategy is insufficiently filtering incoming headers. The issue allows Camel-specific headers to bypass the header filter (notably in the Camel-Undertow ...
CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...