PT-2025-14097 · Apache · Apache Camel

Mark Thorson · Published 2025-04-01 · Updated 2026-06-04 · CVE-2025-30177

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Apache Camel versions 4.8.0 through 4.8.5
Apache Camel versions 4.10.0 through 4.10.2
Description
The issue is a bypass/injection vulnerability in the Apache Camel-Undertow component. It allows an attacker to include Camel-specific headers that can alter the behavior of some Camel components, such as the camel-bean component or the camel-exec component. The custom header filter strategy used by the component filters only the "out" direction and leaves the "in" direction unfiltered.
Recommendations
For Apache Camel versions 4.8.0 through 4.8.5, upgrade to version 4.8.6. For Apache Camel versions 4.10.0 through 4.10.2, upgrade to version 4.10.3. As a temporary workaround, consider restricting the use of the vulnerable Camel-Undertow component until a patch is available. Avoid using the custom header filter strategy in the "in" direction to minimize the risk of exploitation.
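As an added example (not code from this advisory or from the Apache Camel project), a header filter strategy that filters both the "in" and the "out" direction, which is the property the description says the vulnerable component's strategy lacked. The regex, the registry name safeHeaders, the bean name greeter and the endpoint URIs are assumptions.

```java
import org.apache.camel.builder.RouteBuilder;
import org.apache.camel.support.DefaultHeaderFilterStrategy;

/**
 * Constructed example: a HeaderFilterStrategy that drops Camel-specific
 * headers in both directions. The regex is this example's own choice
 * (assumed, not taken from the project): it matches header names that
 * start with "Camel" or "org.apache.camel", ignoring case.
 */
public class BothDirectionsHeaderFilter extends DefaultHeaderFilterStrategy {

    private static final String CAMEL_HEADERS =
            "(?i)(Camel|org\\.apache\\.camel)[\\.a-zA-Z0-9]*";

    public BothDirectionsHeaderFilter() {
        // "out": headers copied from the Camel exchange onto the HTTP
        // response. The advisory says this direction was already filtered.
        setOutFilterPattern(CAMEL_HEADERS);
        // "in": headers copied from the incoming HTTP request into the
        // Camel exchange. The advisory says this direction was NOT filtered;
        // without this line a Camel-prefixed request header would reach the
        // exchange unchanged and could influence downstream components.
        setInFilterPattern(CAMEL_HEADERS);
    }

    /** Route using the strategy; "safeHeaders", "greeter" and the URIs are assumed names. */
    public static class HardenedRoute extends RouteBuilder {
        @Override
        public void configure() throws Exception {
            // Make the strategy available to the endpoint via the registry.
            getContext().getRegistry().bind("safeHeaders", new BothDirectionsHeaderFilter());

            from("undertow:http://0.0.0.0:8080/hello?headerFilterStrategy=#safeHeaders")
                // Camel-prefixed request headers have been dropped before this step runs.
                .to("bean:greeter?method=hello");
        }
    }
}
```

The same strategy can be reused on other HTTP-facing endpoints that accept a headerFilterStrategy option, so the "in" side is covered consistently rather than per route.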

Fix

Weakness Enumeration

Related Identifiers

BDU:2025-05050
CVE-2025-30177
GHSA-VQ4P-PCHP-6G6V

Affected Products

Apache Camel