RHSA-2026:19835CriticalCVSS 9.9

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP2)

Published
May 20, 2026
Last Modified
July 2, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2026-33454 — Apache Camel: Camel-Mail: Camel-Mail: Altered application behavior via header injection CVE-2026-40453 — Apache Camel: org.apache.camel: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection CVE-2026-42402 — org.apache.neethi: Apache Neethi: Denial of Service via algorithmic complexity in policy normalization CVE-2026-42403 — org.apache.neethi: Apache Neethi: Denial of Service via circular policy references CVE-2026-42404 — Apache Neethi: Apache Neethi: Information disclosure and network access bypass via PolicyReference API

🔗 References (13)