Improper Handling of Case Sensitivity in org.apache.camel:camel-undertow | CVE-2025-30177

Q: How to fix?

Upgrade org.apache.camel:camel-undertow to version 4.8.6, 4.10.3 or higher.

Introduced: 1 Apr 2025

NewCVE-2025-30177 (opens in a new tab) CWE-178 (opens in a new tab)

How to fix?

Upgrade org.apache.camel:camel-undertow to version 4.8.6, 4.10.3 or higher.

Overview

Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to the custom UndertowHeaderFilterStrategy only filtering outgoing and not incoming headers. An attacker can manipulate header entries to invoke arbitrary methods from the Bean registry or use expressions as part of the method parameters, leading to unauthorized actions on components like camel-bean and camel-exec.

This vulnerability is a special case of the vulnerabilities described in CVE-2025-27636 and CVE-2025-29891, applying only to the Undertow component.

References

CVSS Base Scores

version 4.0

version 3.1

Attack Vector (AV)
Network
Attack Complexity (AC)
High
Attack Requirements (AT)
Present
Privileges Required (PR)
None
User Interaction (UI)
None

Confidentiality (VC)
High
Integrity (VI)
High
Availability (VA)
High

Confidentiality (SC)
None
Integrity (SI)
None
Availability (SA)
None

Improper Handling of Case Sensitivity Affecting org.apache.camel:camel-undertow package, versions [4.8.0,4.8.6)[4.10.0,4.10.3)

Severity

Do your applications use this vulnerable package?

Introduced: 1 Apr 2025

How to fix?

Overview

References

CVSS Base Scores

Snyk