A medium-severity vulnerability, CVE-2025-30177, was detected in Apache Camel versions up to 4.10.2 and 4.8.5. A flaw in the custom header filter strategy allows attackers to inject Camel-specific headers into incoming requests, potentially altering the behavior of components such as camel-bean or camel-exec. To address this issue, users should upgrade to Apache Camel 4.10.3 or 4.8.6. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-30177.
Apache Camel: Header Injection Vulnerability in camel-undertow Component
by the Hossted team
03.04.2025
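A detection-side illustration of the issue described above, added here and not taken from the advisory or from Apache Camel: it parses raw HTTP requests and reports client-supplied header names that fall in the namespace Camel uses for its own headers. The prefixes `Camel` and `org.apache.camel.`, the case-insensitive match, the function names and the sample requests are assumptions of this example.

```python
import re

# Name prefixes Apache Camel uses for its own exchange headers. Assumption of
# this example: match case-insensitively so mixed-case variants are reported too.
CAMEL_PREFIXES = ("camel", "org.apache.camel.")


def parse_header_names(raw_request: str) -> list[str]:
    """Return the header names from the head of a raw HTTP/1.1 request."""
    # Only the part before the first blank line is the header section;
    # anything after it is body and must not be inspected as headers.
    head = re.split(r"\r?\n\r?\n", raw_request, maxsplit=1)[0]
    names = []
    for line in re.split(r"\r?\n", head)[1:]:  # [1:] skips the request line
        if line[:1] in (" ", "\t"):            # obsolete folded continuation line
            continue
        name, sep, _value = line.partition(":")
        if sep and name.strip():
            names.append(name.strip())
    return names


def find_camel_headers(raw_request: str) -> list[str]:
    """Header names sent by the client that sit in Camel's header namespace."""
    return [name for name in parse_header_names(raw_request)
            if name.lower().startswith(CAMEL_PREFIXES)]


# Constructed sample requests (not captured traffic); header names are placeholders.
SUSPECT = (
    "POST /orders HTTP/1.1\r\n"
    "Host: app.example.test\r\n"
    "cAmElExampleHeader: constructed-value\r\n"
    "Org.Apache.Camel.Example: 1\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)
BENIGN = (
    "POST /orders HTTP/1.1\r\n"
    "Host: app.example.test\r\n"
    "Content-Type: text/plain\r\n"
    "X-Camelot: 1\r\n"
    "\r\n"
    "CamelExampleHeader: appears in the body only\r\n"
)

if __name__ == "__main__":
    for label, request in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, find_camel_headers(request))
```

A check like this can be run over proxy or gateway request captures while the upgrade to 4.10.3 or 4.8.6 is rolled out; it does not replace the upgrade.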