Vulnerability	Vulnerable Version
C Deserialization of Untrusted Data org.apache.camel:camel-mail is a Camel Mail support. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the `MailHeaderFilterStrategy` component. An attacker can execute arbitrary code or alter application behavior by injecting specially crafted MIME headers into emails delivered to a monitored mailbox, which are then mapped unfiltered into the Exchange and processed by downstream components. How to fix Deserialization of Untrusted Data? Upgrade `org.apache.camel:camel-mail` to version 4.14.6, 4.18.1 or higher.	[3.0.0-M1,4.14.6)[4.15.0,4.18.1)

Deserialization of Untrusted Data

org.apache.camel:camel-mail is a Camel Mail support.

Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the MailHeaderFilterStrategy component. An attacker can execute arbitrary code or alter application behavior by injecting specially crafted MIME headers into emails delivered to a monitored mailbox, which are then mapped unfiltered into the Exchange and processed by downstream components.

How to fix Deserialization of Untrusted Data?

Upgrade org.apache.camel:camel-mail to version 4.14.6, 4.18.1 or higher.

[3.0.0-M1,4.14.6)[4.15.0,4.18.1)

Go back to all versions of this package