Maven package
org.apache.camel/camel-mail
pkg:maven/org.apache.camel/camel-mail
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-33454 | Cri | 9.4 | >= 3.0.0, < 4.14.6 | 4.14.6 | Apr 27, 2026 | The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component (MailHeaderFilterStrategy) only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilter | |
| CVE-2018-8041 | — | >= 2.20.0, < 2.20.4 | 2.20.4 | Sep 17, 2018 | Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal. |
- affected >= 3.0.0, < 4.14.6fixed 4.14.6
The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component (MailHeaderFilterStrategy) only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilter
- CVE-2018-8041Sep 17, 2018affected >= 2.20.0, < 2.20.4fixed 2.20.4
Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal.