Homepage

org.apache.camel:camel-undertow@4.8.3 vulnerabilities

  • latest version

    4.10.3

  • latest non vulnerable version

    4.10.3

  • first published

    9 years ago

  • latest version published

    10 days ago

  • licenses detected

  • package registry

    View on Maven Central Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.apache.camel:camel-undertow package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Improper Handling of Case Sensitivity

    Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to the custom UndertowHeaderFilterStrategy only filtering outgoing and not incoming headers. An attacker can manipulate header entries to invoke arbitrary methods from the Bean registry or use expressions as part of the method parameters, leading to unauthorized actions on components like camel-bean and camel-exec.

    This vulnerability is a special case of the vulnerabilities described in CVE-2025-27636 and CVE-2025-29891, applying only to the Undertow component.

    How to fix Improper Handling of Case Sensitivity?

    Upgrade org.apache.camel:camel-undertow to version 4.8.6, 4.10.3 or higher.

    [4.8.0,4.8.6)[4.10.0,4.10.3)
    Go back to all versions of this package