CVE-2025-66169
Description
Cypher Injection vulnerability in Apache Camel camel-neo4j component.This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.029
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-66169 are fixed in Apache - camel-neo4j 4.10.8 | Windows |
| Vulnerabilities CVE-2025-66169 are fixed in Apache - camel-neo4j 4.14.3 | Windows |
| Vulnerabilities CVE-2025-66169 are fixed in Apache - camel-neo4j 4.17.0 | Windows |
| Vulnerabilities CVE-2025-66169 are fixed in Apache - camel-neo4j for Linux 4.10.8 | Linux |
| Vulnerabilities CVE-2025-66169 are fixed in Apache - camel-neo4j for Linux 4.14.3 | Linux |
| Vulnerabilities CVE-2025-66169 are fixed in Apache - camel-neo4j for Linux 4.17.0 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234