GHSA-4jrw-64vr-7g8m

Source
https://github.com/advisories/GHSA-4jrw-64vr-7g8m
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-4jrw-64vr-7g8m/GHSA-4jrw-64vr-7g8m.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-4jrw-64vr-7g8m
Aliases
Published
2026-01-14T12:31:38Z
Modified
2026-01-15T22:56:25.064318Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Summary
Apache Camel camel-neo4j component is vulnerable to cypher injection
Details

Cypher Injection vulnerability in Apache Camel camel-neo4j component.

This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, and from 4.15.0 before 4.17.0.

Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS, 4.14.3 for 4.14.x LTS, or 4.17.0.

Database specific
{
    "cwe_ids": [
        "CWE-74",
        "CWE-89",
        "CWE-943"
    ],
    "severity": "MODERATE",
    "nvd_published_at": "2026-01-14T12:16:32Z",
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-14T21:17:27Z"
}
References

Affected packages

Maven / org.apache.camel:camel-neo4j

Package

Name
org.apache.camel:camel-neo4j
Purl
pkg:maven/org.apache.camel/camel-neo4j

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.10.0
Fixed
4.10.8

Affected versions

4.*

4.10.0
4.10.1
4.10.2
4.10.3
4.10.4
4.10.5
4.10.6
4.10.7

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-4jrw-64vr-7g8m/GHSA-4jrw-64vr-7g8m.json"

Maven / org.apache.camel:camel-neo4j

Package

Name
org.apache.camel:camel-neo4j
Purl
pkg:maven/org.apache.camel/camel-neo4j

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.14.0
Fixed
4.14.3

Affected versions

4.*

4.14.0
4.14.1
4.14.2

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-4jrw-64vr-7g8m/GHSA-4jrw-64vr-7g8m.json"

Maven / org.apache.camel:camel-neo4j

Package

Name
org.apache.camel:camel-neo4j
Purl
pkg:maven/org.apache.camel/camel-neo4j

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.15.0
Fixed
4.17.0

Affected versions

4.*

4.15.0
4.16.0

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-4jrw-64vr-7g8m/GHSA-4jrw-64vr-7g8m.json"