12 matches found
EUVD-2026-41851
Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...
CVE-2026-56139
CVE-2026-56139 concerns Apache Camel Undertow: the muteException option on the Undertow HTTP server consumer defaulted to false, causing processing errors to return the full Java stack trace in HTTP responses. This exposed sensitive information (credentials in messages, host/IPs, filesystem paths...
CVE-2026-56139
Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...
The vulnerability of the Camel-Undertow component in the Java framework Apache Camel allows a attacker to influence the confidentiality and integrity of the protected information.
The vulnerability of the Camel-Undertow component in the Java framework Apache Camel is related to the lack of measures taken to neutralize its internal special elements. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected...
org.apache.camel.karaf:camel-undertow (>=4.8.1 <=4.8.5), org.apache.camel.springboot:camel-undertow-spring-security-starter (>=4.8.0 <=4.8.5) +3 more potentially affected by CVE-2025-27636 +2 more via org.apache.camel:camel-undertow (>=4.8.0 <=4.8.5)
org.apache.camel:camel-undertow MAVEN version =4.8.0, =4.8.1, =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.5 Source cves: CVE-2025-27636, CVE-2025-29891, CVE-2025-30177 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-9598038...
org.apache.camel.karaf:camel-undertow (>=4.8.1 <=4.8.5), org.apache.camel.springboot:camel-undertow-spring-security-starter (>=4.8.0 <=4.8.5) +3 more potentially affected by CVE-2025-27636 +2 more via org.apache.camel:camel-undertow (>=4.8.0 <=4.8.5)
org.apache.camel:camel-undertow MAVEN version =4.8.0, =4.8.1, =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.5 Source cves: CVE-2025-27636, CVE-2025-29891, CVE-2025-30177 Source advisory: OSV:GHSA-VQ4P-PCHP-6G6V...
Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
GHSA-VQ4P-PCHP-6G6V Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...
CVE-2025-30177
Apache Camel vulnerability CVE-2025-30177 affects Camel-Undertow in Camel versions 4.10.0–4.10.3 and 4.8.0–4.8.6, where the DefaultHeaderFilterStrategy is insufficiently filtering incoming headers. The issue allows Camel-specific headers to bypass the header filter (notably in the Camel-Undertow ...
CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...