Apache

Camel

75 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 06.07.2026 09:36:25
  • Zuletzt bearbeitet 08.07.2026 14:38:22

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the is...

  • EPSS 0.4%
  • Veröffentlicht 06.07.2026 09:35:31
  • Zuletzt bearbeitet 08.07.2026 14:38:17

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the is...

  • EPSS 0.4%
  • Veröffentlicht 06.07.2026 09:34:48
  • Zuletzt bearbeitet 08.07.2026 14:38:10

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue.

  • EPSS 0.5%
  • Veröffentlicht 06.07.2026 08:35:04
  • Zuletzt bearbeitet 07.07.2026 23:35:44

Deserialization of Untrusted Data vulnerability in Apache Camel, Apache Camel JMS component. JmsBinding.extractBodyFromJms() in camel-jms - and the equivalent JmsBinding in camel-sjms - deserializes the payload of an incoming JMS ObjectMessage via j...

  • EPSS 0.69%
  • Veröffentlicht 06.07.2026 08:24:10
  • Zuletzt bearbeitet 07.07.2026 23:33:09

Deserialization of Untrusted Data vulnerability in Apache Camel PQC Component. The camel-pqc component persists post-quantum key metadata (KeyMetadata) through pluggable KeyLifecycleManager implementations. AwsSecretsManagerKeyLifecycleManager.deser...

  • EPSS 0.31%
  • Veröffentlicht 06.07.2026 08:16:00
  • Zuletzt bearbeitet 09.07.2026 13:02:06

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it...

  • EPSS 0.36%
  • Veröffentlicht 06.07.2026 08:15:08
  • Zuletzt bearbeitet 09.07.2026 03:03:18

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processin...

  • EPSS 0.4%
  • Veröffentlicht 06.07.2026 08:13:59
  • Zuletzt bearbeitet 09.07.2026 03:03:31

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Iggy component. The camel-iggy consumer mapped the user-headers of inbound Iggy messages into ...

  • EPSS 0.54%
  • Veröffentlicht 06.07.2026 08:13:24
  • Zuletzt bearbeitet 09.07.2026 03:03:47

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Atmosphere Websocket Component. The camel-atmosphere-websocket consumer mapped inbound WebSock...

  • EPSS 0.62%
  • Veröffentlicht 06.07.2026 08:12:32
  • Zuletzt bearbeitet 09.07.2026 03:03:58

Improper Authentication, Missing Authentication for Critical Function, Not Failing Securely ('Failing Open') vulnerability in Apache Camel Keycloak Component. The KeycloakSecurityPolicy of camel-keycloak guards a route by running KeycloakSecurityPro...