Otavio Rodolfo Piske

**Name of the Vulnerable Software and Affected Versions** Apache Camel versions 3.0.0 through 3.21.3 Apache Camel versions 3.22.X through 3.22.0 Apache Camel versions 4.0.X through 4.0.3 Apache Camel versions 4.X through 4.3.0 **Description** The issue is related to the exposure of sensitive data by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent. This vulnerability affects Apache Camel and can be exploited by providing a custom ExchangeCreatedEvent that exposes sensitive data. **Recommendations** For Apache Camel versions 3.0.0 through 3.21.3, upgrade to version 3.21.4. For Apache Camel versions 3.22.X through 3.22.0, upgrade to version 3.22.1. For Apache Camel versions 4.0.X through 4.0.3, upgrade to version 4.0.4. For Apache Camel versions 4.X through 4.3.0, upgrade to version 4.4.0.