VYPR

CWE-164

Improper Neutralization of Internal Special Elements

VariantIncomplete

Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes internal special elements that could be interpreted in unexpected ways when they are sent to a downstream component.

As data is parsed, improperly handled internal special elements may cause the process to take unexpected actions that result in an attack.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (2)

  • CVE-2025-30177Apr 1, 2025
    risk 0.00cvss epss 0.01

    Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x…

  • CVE-2025-29891Mar 12, 2025
    risk 0.00cvss epss 0.72

    Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. …