Server-Side Request Forgery Vulnerability in Apache Camel DNS Component
CVE-2026-48205
Currently unrated
What is CVE-2026-48205?
An input validation flaw in Apache Camel's DNS component enables attackers to exploit an SSRF vulnerability. This weakness permits manipulation of DNS operation parameters through Headers that lack proper filtering, allowing attackers to direct requests to malicious DNS servers. The vulnerability could lead to information disclosure about internal hostnames and reconnaissance of the network without the need for authentication. It is advised to upgrade to the patched versions or to implement header filtering and validation to mitigate potential attacks.
Affected Version(s)
Apache Camel DNS 4.0.0 < 4.14.8
Apache Camel DNS 4.15.0 < 4.18.3
Apache Camel DNS 4.19.0 < 4.21.0