Maven package
org.apache.camel/camel-infinispan
pkg:maven/org.apache.camel/camel-infinispan
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-40858 | Hig | 8.8 | >= 4.0.0, < 4.14.7 | 4.14.7 | Apr 27, 2026 | The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel applica |
- affected >= 4.0.0, < 4.14.7fixed 4.14.7
The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel applica