This Red Hat security advisory (RHSA-2025:3543) announces the availability of an updated Red Hat build of Apache Camel 4.8.5 for Spring Boot that fixes several security vulnerabilities. The fixed issues include: a json-smart library vulnerability leading to potential denial-of-service via stack exhaustion (CVE-2024-57699), a SmallRye Fault Tolerance vulnerability (CVE-2025-2240), a Spring Security BCryptPasswordEncoder flaw that does not enforce maximum password length (CVE-2025-22228), a Netty SslHandler validation flaw causing native crashes (CVE-2025-24970), and a bypass of header filters in camel-http and camel-http-base components via specially crafted responses (CVE-2025-27636). The advisory rates the update as important and recommends applying the update after prior errata. No CVSS scores are included, and no known exploits in the wild are reported.

The vulnerabilities fixed in this update could lead to denial-of-service conditions (via stack exhaustion), native crashes in SSL handling, bypass of HTTP header filters, and potential weaknesses in password validation enforcement. These issues could affect the reliability and security posture of applications using the affected Red Hat build of Apache Camel for Spring Boot. The advisory does not report any known active exploitation in the wild.

Red Hat has released an updated build of Apache Camel 4.8.5 for Spring Boot that addresses these vulnerabilities. Users should apply this security update after ensuring all previously released relevant errata have been installed. Detailed instructions for applying the update are available in the Red Hat advisory. There is no indication that additional mitigations are required beyond applying the official update.