CVE-2025-66169

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-66169
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-66169.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-66169
Aliases
Published
2026-01-14T12:16:32.257Z
Modified
2026-01-18T03:48:38.812380Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

Cypher Injection vulnerability in Apache Camel camel-neo4j component.

This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0

Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0.

References

Affected packages

Git / github.com/apache/camel

Affected ranges

Type
GIT
Repo
https://github.com/apache/camel
Events
Introduced
6f00e4749db83b2f8b797b79e7cf9c4ace314ba9
Fixed
6a9955c07da4cc92988a4c6af8778e5069cdb255

Affected versions

camel-4.*

camel-4.10.0
camel-4.10.1
camel-4.10.2
camel-4.10.3
camel-4.10.4
camel-4.10.5
camel-4.10.6
camel-4.10.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-66169.json"