Apache

Camel

75 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 06.07.2026 08:04:32
  • Zuletzt bearbeitet 08.07.2026 14:54:24

Improper Input Validation, Unintended Proxy or Intermediary ('Confused Deputy') vulnerability in Apache Camel CXF SOAP component. The camel-cxf producer selects which SOAP operation to invoke on the backend service from the operationName (and operat...

  • EPSS 0.33%
  • Veröffentlicht 06.07.2026 08:04:17
  • Zuletzt bearbeitet 08.07.2026 15:05:01

Improper Neutralization of Special Elements in Data Query Logic vulnerability in Apache Camel Neo4J component. The camel-neo4j producer builds the Cypher WHERE clause for its match/retrieve and delete operations from the CamelNeo4jMatchProperties ma...

  • EPSS 0.49%
  • Veröffentlicht 06.07.2026 08:03:54
  • Zuletzt bearbeitet 08.07.2026 15:05:34

Deserialization of Untrusted Data vulnerability in Apache Camel PQC component. The camel-pqc component persists post-quantum key metadata (KeyMetadata) through pluggable KeyLifecycleManager implementations. HashicorpVaultKeyLifecycleManager and AwsS...

  • EPSS 0.4%
  • Veröffentlicht 06.07.2026 08:03:16
  • Zuletzt bearbeitet 08.07.2026 15:06:03

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel Lucene Component. The camel-lucene producer reads the search phrase from an Exchange header (LuceneConstants.HEADER_QUERY) whose value was the ...

  • EPSS 0.38%
  • Veröffentlicht 06.07.2026 08:02:37
  • Zuletzt bearbeitet 08.07.2026 15:06:26

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component. The camel-mail producer (MailProducer.getSender) scanned the outgoing Exchange for message headers in the mail.smtp. ...

  • EPSS 0.42%
  • Veröffentlicht 06.07.2026 07:57:13
  • Zuletzt bearbeitet 08.07.2026 03:14:59

Improper Input Validation vulnerability in Apache Camel NATS component. The camel-nats component maps inbound NATS message headers into the Camel Exchange but defaulted its headerFilterStrategy to a bare new DefaultHeaderFilterStrategy() with no inb...

  • EPSS 0.47%
  • Veröffentlicht 06.07.2026 07:56:51
  • Zuletzt bearbeitet 08.07.2026 03:15:11

Improper Input Validation vulnerability in Apache Camel AWS2-SQS Component. The camel-aws2-sqs component map inbound message attributes into the Camel Exchange through a component-specific HeaderFilterStrategy. Sqs2HeaderFilterStrategy configured o...

  • EPSS 0.41%
  • Veröffentlicht 06.07.2026 07:56:29
  • Zuletzt bearbeitet 08.07.2026 03:15:29

Insufficient Session Expiration vulnerability in Apache Camel Keycloak Component. The camel-keycloak security helper KeycloakSecurityHelper.parseAndVerifyAccessToken builds a Keycloak TokenVerifier using withChecks(...) with only the subject-exists ...

  • EPSS 0.49%
  • Veröffentlicht 06.07.2026 07:56:14
  • Zuletzt bearbeitet 08.07.2026 03:15:21

Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux (CometD) message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMess...

  • EPSS 0.45%
  • Veröffentlicht 06.07.2026 07:55:56
  • Zuletzt bearbeitet 07.07.2026 23:30:09

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel ElasticSearch Rest Client. The camel-elasticsearch-rest-client component reads several Exchange headers to control its behaviour - SEARCH_QUERY...