Lucene search
K

12 matches found

EUVD
EUVD
added 2026/07/06 8:15 a.m.7 views

EUVD-2026-41851

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 8:15 a.m.12 views

CVE-2026-56139

CVE-2026-56139 concerns Apache Camel Undertow: the muteException option on the Undertow HTTP server consumer defaulted to false, causing processing errors to return the full Java stack trace in HTTP responses. This exposed sensitive information (credentials in messages, host/IPs, filesystem paths...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:15 a.m.6 views

CVE-2026-56139

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

5.8AI score0.00363EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.7 views

The vulnerability of the Camel-Undertow component in the Java framework Apache Camel allows a attacker to influence the confidentiality and integrity of the protected information.

The vulnerability of the Camel-Undertow component in the Java framework Apache Camel is related to the lack of measures taken to neutralize its internal special elements. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected...

6.5CVSS6.5AI score0.01009EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2025/04/01 12:30 p.m.7 views

org.apache.camel.karaf:camel-undertow (>=4.8.1 <=4.8.5), org.apache.camel.springboot:camel-undertow-spring-security-starter (>=4.8.0 <=4.8.5) +3 more potentially affected by CVE-2025-27636 +2 more via org.apache.camel:camel-undertow (>=4.8.0 <=4.8.5)

org.apache.camel:camel-undertow MAVEN version =4.8.0, =4.8.1, =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.5 Source cves: CVE-2025-27636, CVE-2025-29891, CVE-2025-30177 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-9598038...

6.5CVSS7AI score0.79817EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2025/04/01 12:30 p.m.12 views

org.apache.camel.karaf:camel-undertow (>=4.8.1 <=4.8.5), org.apache.camel.springboot:camel-undertow-spring-security-starter (>=4.8.0 <=4.8.5) +3 more potentially affected by CVE-2025-27636 +2 more via org.apache.camel:camel-undertow (>=4.8.0 <=4.8.5)

org.apache.camel:camel-undertow MAVEN version =4.8.0, =4.8.1, =4.8.0, =4.8.0, =4.8.0, =4.8.0, =4.8.5 Source cves: CVE-2025-27636, CVE-2025-29891, CVE-2025-30177 Source advisory: OSV:GHSA-VQ4P-PCHP-6G6V...

6.5CVSS7AI score0.79817EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2025/04/01 12:30 p.m.18 views

Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

6.5CVSS7.1AI score0.01009EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/04/01 12:30 p.m.3 views

GHSA-VQ4P-PCHP-6G6V Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

6.5CVSS5.8AI score0.79817EPSS
Exploits4References6
NVD
NVD
added 2025/04/01 12:15 p.m.23 views

CVE-2025-30177

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

6.5CVSS0.01009EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/01 11:56 a.m.12 views

CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

7.1AI score0.01009EPSS
Exploits0References3
CVE
CVE
added 2025/04/01 11:56 a.m.96 views

CVE-2025-30177

Apache Camel vulnerability CVE-2025-30177 affects Camel-Undertow in Camel versions 4.10.0–4.10.3 and 4.8.0–4.8.6, where the DefaultHeaderFilterStrategy is insufficiently filtering incoming headers. The issue allows Camel-specific headers to bypass the header filter (notably in the Camel-Undertow ...

6.5CVSS7.1AI score0.01009EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/04/01 11:56 a.m.49 views

CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

0.01009EPSS
Exploits0References3
Rows per page
Query Builder