Vulnerability	Vulnerable Version
C Improper Handling of Case Sensitivity Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to the custom `UndertowHeaderFilterStrategy` only filtering outgoing and not incoming headers. An attacker can manipulate header entries to invoke arbitrary methods from the Bean registry or use expressions as part of the method parameters, leading to unauthorized actions on components like `camel-bean` and `camel-exec`. This vulnerability is a special case of the vulnerabilities described in CVE-2025-27636 and CVE-2025-29891, applying only to the Undertow component. How to fix Improper Handling of Case Sensitivity? Upgrade `org.apache.camel:camel-undertow` to version 4.8.6, 4.10.3 or higher.	[4.8.0,4.8.6)[4.10.0,4.10.3)

Improper Handling of Case Sensitivity

Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to the custom UndertowHeaderFilterStrategy only filtering outgoing and not incoming headers. An attacker can manipulate header entries to invoke arbitrary methods from the Bean registry or use expressions as part of the method parameters, leading to unauthorized actions on components like camel-bean and camel-exec.

This vulnerability is a special case of the vulnerabilities described in CVE-2025-27636 and CVE-2025-29891, applying only to the Undertow component.

How to fix Improper Handling of Case Sensitivity?

Upgrade org.apache.camel:camel-undertow to version 4.8.6, 4.10.3 or higher.

[4.8.0,4.8.6)[4.10.0,4.10.3)

Go back to all versions of this package