3 matches found
CVE-2026-33453
The CVE-2026-33453 issue affects Apache Camel’s camel-coap component, enabling header injection via CoAP URI query parameters. The camel-coap handler copies incoming CoAP URI query params directly into Camel Exchange In headers without a HeaderFilterStrategy, allowing an unauthenticated attacker ...
CVE-2026-42527
CVE-2026-42527 describes a deserialization of untrusted data in Apache Camel. A permissive default ObjectInputFilter pattern (covering java., javax. , org.apache.camel.**) can serialize HashMap-like structures containing java.net.URL keys, causing DNS lookups as a side-channel via hashCode/equals...
CVE-2025-66169
The CVE-2025-66169 entry concerns a Cypher Injection vulnerability in the Apache Camel camel-neo4j component. Affected versions are 4.10.0 before 4.10.8, 4.14.0 before 4.14.3, and 4.15.0 before 4.17.0. The underlying issue is improper handling of Cypher queries, leading to potential unauthorized ...