apache · oscerd · May 27, 2026 · May 26, 2026
diff --git a/...log/src/generated/resources/org/apache/camel/catalog/beans/JdbcAggregationRepository.json b/...log/src/generated/resources/org/apache/camel/catalog/beans/JdbcAggregationRepository.json
@@ -10,7 +10,7 @@
     "groupId": "org.apache.camel",
     "artifactId": "camel-sql",
     "version": "4.21.0-SNAPSHOT",
-    "properties": { "dataSource": { "index": 0, "kind": "property", "displayName": "Data Source", "required": true, "type": "object", "javaType": "javax.sql.DataSource", "deprecated": false, "autowired": false, "secret": false, "description": "The DataSource to use for connecting to the database" }, "transactionManager": { "index": 1, "kind": "property", "displayName": "Transaction Manager", "required": true, "type": "object", "javaType": "org.springframework.transaction.PlatformTransactionManager", "deprecated": false, "autowired": false, "secret": false, "description": "The Spring TransactionManager to use for connecting to the database" }, "repositoryName": { "index": 2, "kind": "property", "displayName": "Repository Name", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "The name of the repository." }, "headersToStoreAsText": { "index": 3, "kind": "property", "displayName": "Headers To Store As Text", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Allows to store headers as String which is human readable. By default this option is disabled, storing the headers in binary format. Multiple header names can be separated by comma." }, "storeBodyAsText": { "index": 4, "kind": "property", "displayName": "Store Body As Text", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "description": "Whether to store the message body as String which is human readable. By default this option is false storing the body in binary format." }, "useRecovery": { "index": 5, "kind": "property", "displayName": "Use Recovery", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Whether or not recovery is enabled" }, "recoveryInterval": { "index": 6, "kind": "property", "displayName": "Recovery Interval", "required": false, "type": "integer", "javaType": "long", "deprecated": false, "autowired": false, "secret": false, "defaultValue": 5000, "description": "Sets the interval between recovery scans" }, "maximumRedeliveries": { "index": 7, "kind": "property", "displayName": "Maximum Redeliveries", "required": false, "type": "integer", "javaType": "int", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional limit of the number of redelivery attempt of recovered Exchange should be attempted, before its exhausted. When this limit is hit, then the Exchange is moved to the dead letter channel." }, "deadLetterUri": { "index": 8, "kind": "property", "displayName": "Dead Letter Uri", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional dead letter channel which exhausted recovered Exchange should be send to." }, "allowSerializedHeaders": { "index": 9, "kind": "property", "displayName": "Allow Serialized Headers", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "security": "insecure:serialization", "description": "Whether headers on the Exchange that are Java objects and Serializable should be included and saved to the repository" }, "deserializationFilter": { "index": 10, "kind": "property", "displayName": "Deserialization Filter", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "!java.net.**;java.**;org.apache.camel.**;!*", "description": "Sets a deserialization filter while reading Object from Aggregation Repository. By default the filter denies java.net.** (to avoid classes whose hash\/equals methods perform network I\/O) and otherwise allows all java packages and subpackages and all org.apache.camel packages and subpackages, while the remaining will be blacklisted and not deserialized. This parameter should be customized if you're using classes you trust to be deserialized." }, "jdbcOptimisticLockingExceptionMapper": { "index": 11, "kind": "property", "displayName": "Jdbc Optimistic Locking Exception Mapper", "label": "advanced", "required": false, "type": "object", "javaType": "org.apache.camel.processor.aggregate.jdbc.JdbcOptimisticLockingExceptionMapper", "deprecated": false, "autowired": false, "secret": false, "description": "Mapper allowing different JDBC vendors to be mapped with vendor specific error codes to an OptimisticLockingException" }, "lobHandler": { "index": 12, "kind": "property", "displayName": "Lob Handler", "label": "advanced", "required": false, "type": "object", "javaType": "org.springframework.jdbc.support.lob.LobHandler", "deprecated": false, "autowired": false, "secret": false, "description": "To use a custom LobHandler" } }
+    "properties": { "dataSource": { "index": 0, "kind": "property", "displayName": "Data Source", "required": true, "type": "object", "javaType": "javax.sql.DataSource", "deprecated": false, "autowired": false, "secret": false, "description": "The DataSource to use for connecting to the database" }, "transactionManager": { "index": 1, "kind": "property", "displayName": "Transaction Manager", "required": true, "type": "object", "javaType": "org.springframework.transaction.PlatformTransactionManager", "deprecated": false, "autowired": false, "secret": false, "description": "The Spring TransactionManager to use for connecting to the database" }, "repositoryName": { "index": 2, "kind": "property", "displayName": "Repository Name", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "The name of the repository." }, "headersToStoreAsText": { "index": 3, "kind": "property", "displayName": "Headers To Store As Text", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Allows to store headers as String which is human readable. By default this option is disabled, storing the headers in binary format. Multiple header names can be separated by comma." }, "storeBodyAsText": { "index": 4, "kind": "property", "displayName": "Store Body As Text", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "description": "Whether to store the message body as String which is human readable. By default this option is false storing the body in binary format." }, "useRecovery": { "index": 5, "kind": "property", "displayName": "Use Recovery", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Whether or not recovery is enabled" }, "recoveryInterval": { "index": 6, "kind": "property", "displayName": "Recovery Interval", "required": false, "type": "integer", "javaType": "long", "deprecated": false, "autowired": false, "secret": false, "defaultValue": 5000, "description": "Sets the interval between recovery scans" }, "maximumRedeliveries": { "index": 7, "kind": "property", "displayName": "Maximum Redeliveries", "required": false, "type": "integer", "javaType": "int", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional limit of the number of redelivery attempt of recovered Exchange should be attempted, before its exhausted. When this limit is hit, then the Exchange is moved to the dead letter channel." }, "deadLetterUri": { "index": 8, "kind": "property", "displayName": "Dead Letter Uri", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional dead letter channel which exhausted recovered Exchange should be send to." }, "allowSerializedHeaders": { "index": 9, "kind": "property", "displayName": "Allow Serialized Headers", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "security": "insecure:serialization", "description": "Whether headers on the Exchange that are Java objects and Serializable should be included and saved to the repository" }, "deserializationFilter": { "index": 10, "kind": "property", "displayName": "Deserialization Filter", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "!java.net.**;java.**;org.apache.camel.**;maxdepth=20;maxrefs=10000;maxbytes=10485760;!*", "description": "Sets a deserialization filter while reading Object from Aggregation Repository. By default the filter denies java.net.** (to avoid classes whose hash\/equals methods perform network I\/O) and otherwise allows all java packages and subpackages and all org.apache.camel packages and subpackages, while the remaining will be blacklisted and not deserialized. It also applies JEP-290 graph-shape limits (maxdepth, maxrefs, maxbytes) as defense-in-depth against resource-exhaustion payloads. This parameter should be customized if you're using classes you trust to be deserialized." }, "jdbcOptimisticLockingExceptionMapper": { "index": 11, "kind": "property", "displayName": "Jdbc Optimistic Locking Exception Mapper", "label": "advanced", "required": false, "type": "object", "javaType": "org.apache.camel.processor.aggregate.jdbc.JdbcOptimisticLockingExceptionMapper", "deprecated": false, "autowired": false, "secret": false, "description": "Mapper allowing different JDBC vendors to be mapped with vendor specific error codes to an OptimisticLockingException" }, "lobHandler": { "index": 12, "kind": "property", "displayName": "Lob Handler", "label": "advanced", "required": false, "type": "object", "javaType": "org.springframework.jdbc.support.lob.LobHandler", "deprecated": false, "autowired": false, "secret": false, "description": "To use a custom LobHandler" } }
   }
 }
 
diff --git a/.../src/generated/resources/org/apache/camel/catalog/beans/LevelDBAggregationRepository.json b/.../src/generated/resources/org/apache/camel/catalog/beans/LevelDBAggregationRepository.json
@@ -10,7 +10,7 @@
     "groupId": "org.apache.camel",
     "artifactId": "camel-leveldb",
     "version": "4.21.0-SNAPSHOT",
-    "properties": { "persistentFileName": { "index": 0, "kind": "property", "displayName": "Persistent File Name", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Name of file to use for storing data" }, "repositoryName": { "index": 1, "kind": "property", "displayName": "Repository Name", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Name of repository" }, "sync": { "index": 2, "kind": "property", "displayName": "Sync", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "description": "Whether LevelDB should sync writes" }, "returnOldExchange": { "index": 3, "kind": "property", "displayName": "Return Old Exchange", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "description": "Whether to return the old exchange when adding new exchanges to the repository" }, "useRecovery": { "index": 4, "kind": "property", "displayName": "Use Recovery", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Whether or not recovery is enabled" }, "recoveryInterval": { "index": 5, "kind": "property", "displayName": "Recovery Interval", "required": false, "type": "integer", "javaType": "long", "deprecated": false, "autowired": false, "secret": false, "defaultValue": 5000, "description": "Sets the interval between recovery scans" }, "maximumRedeliveries": { "index": 6, "kind": "property", "displayName": "Maximum Redeliveries", "required": false, "type": "integer", "javaType": "int", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional limit of the number of redelivery attempt of recovered Exchange should be attempted, before its exhausted. When this limit is hit, then the Exchange is moved to the dead letter channel." }, "deadLetterUri": { "index": 7, "kind": "property", "displayName": "Dead Letter Uri", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional dead letter channel which exhausted recovered Exchange should be send to." }, "allowSerializedHeaders": { "index": 8, "kind": "property", "displayName": "Allow Serialized Headers", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "security": "insecure:serialization", "description": "Whether headers on the Exchange that are Java objects and Serializable should be included and saved to the repository" }, "serializer": { "index": 9, "kind": "property", "displayName": "Serializer", "label": "advanced", "required": false, "type": "object", "javaType": "org.apache.camel.component.leveldb.LevelDBSerializer", "deprecated": false, "autowired": false, "secret": false, "description": "To use a custom serializer for LevelDB" }, "deserializationFilter": { "index": 10, "kind": "property", "displayName": "Deserialization Filter", "label": "advanced", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "!java.net.**;java.**;org.apache.camel.**;!*", "description": "Sets a deserialization filter while reading Object from Aggregation Repository. By default the filter denies java.net.** (to avoid classes whose hash\/equals methods perform network I\/O) and otherwise allows all java packages and subpackages and all org.apache.camel packages and subpackages, while the remaining will be blacklisted and not deserialized. This parameter should be customized if you're using classes you trust to be deserialized." } }
+    "properties": { "persistentFileName": { "index": 0, "kind": "property", "displayName": "Persistent File Name", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Name of file to use for storing data" }, "repositoryName": { "index": 1, "kind": "property", "displayName": "Repository Name", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Name of repository" }, "sync": { "index": 2, "kind": "property", "displayName": "Sync", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "description": "Whether LevelDB should sync writes" }, "returnOldExchange": { "index": 3, "kind": "property", "displayName": "Return Old Exchange", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "description": "Whether to return the old exchange when adding new exchanges to the repository" }, "useRecovery": { "index": 4, "kind": "property", "displayName": "Use Recovery", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Whether or not recovery is enabled" }, "recoveryInterval": { "index": 5, "kind": "property", "displayName": "Recovery Interval", "required": false, "type": "integer", "javaType": "long", "deprecated": false, "autowired": false, "secret": false, "defaultValue": 5000, "description": "Sets the interval between recovery scans" }, "maximumRedeliveries": { "index": 6, "kind": "property", "displayName": "Maximum Redeliveries", "required": false, "type": "integer", "javaType": "int", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional limit of the number of redelivery attempt of recovered Exchange should be attempted, before its exhausted. When this limit is hit, then the Exchange is moved to the dead letter channel." }, "deadLetterUri": { "index": 7, "kind": "property", "displayName": "Dead Letter Uri", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Sets an optional dead letter channel which exhausted recovered Exchange should be send to." }, "allowSerializedHeaders": { "index": 8, "kind": "property", "displayName": "Allow Serialized Headers", "label": "advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "security": "insecure:serialization", "description": "Whether headers on the Exchange that are Java objects and Serializable should be included and saved to the repository" }, "serializer": { "index": 9, "kind": "property", "displayName": "Serializer", "label": "advanced", "required": false, "type": "object", "javaType": "org.apache.camel.component.leveldb.LevelDBSerializer", "deprecated": false, "autowired": false, "secret": false, "description": "To use a custom serializer for LevelDB" }, "deserializationFilter": { "index": 10, "kind": "property", "displayName": "Deserialization Filter", "label": "advanced", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "!java.net.**;java.**;org.apache.camel.**;maxdepth=20;maxrefs=10000;maxbytes=10485760;!*", "description": "Sets a deserialization filter while reading Object from Aggregation Repository. By default the filter denies java.net.** (to avoid classes whose hash\/equals methods perform network I\/O) and otherwise allows all java packages and subpackages and all org.apache.camel packages and subpackages, while the remaining will be blacklisted and not deserialized. It also applies JEP-290 graph-shape limits (maxdepth, maxrefs, maxbytes) as defense-in-depth against resource-exhaustion payloads. This parameter should be customized if you're using classes you trust to be deserialized." } }
   }
 }
 
diff --git a/...n/java/org/apache/camel/processor/aggregate/cassandra/CassandraAggregationRepository.java b/...n/java/org/apache/camel/processor/aggregate/cassandra/CassandraAggregationRepository.java
@@ -115,14 +115,23 @@ public class CassandraAggregationRepository extends ServiceSupport implements Re
               description = "Whether headers on the Exchange that are Java objects and Serializable should be included and saved to the repository")
     private boolean allowSerializedHeaders;
 
+    /**
+     * Default deserialization filter. Denies {@code java.net.**} and otherwise allows {@code java.**} and
+     * {@code org.apache.camel.**}; applies JEP-290 graph-shape limits ({@code maxdepth}, {@code maxrefs},
+     * {@code maxbytes}) as defense-in-depth against resource-exhaustion payloads.
+     */
+    static final String DEFAULT_DESERIALIZATION_FILTER
+            = "!java.net.**;java.**;org.apache.camel.**;maxdepth=20;maxrefs=10000;maxbytes=10485760;!*";
+
     /**
      * Sets a deserialization filter while reading Object from Aggregation Repository. By default the filter denies
      * {@code java.net.**} (to avoid classes whose hash/equals methods perform network I/O) and otherwise allows all
      * java packages and subpackages and all org.apache.camel packages and subpackages, while the remaining will be
-     * blacklisted and not deserialized. This parameter should be customized if you're using classes you trust to be
-     * deserialized.
+     * blacklisted and not deserialized. It also applies JEP-290 graph-shape limits ({@code maxdepth}, {@code maxrefs},
+     * {@code maxbytes}) as defense-in-depth against resource-exhaustion payloads. This parameter should be customized
+     * if you're using classes you trust to be deserialized.
      */
-    private String deserializationFilter = "!java.net.**;java.**;org.apache.camel.**;!*";
+    private String deserializationFilter = DEFAULT_DESERIALIZATION_FILTER;
 
     public CassandraAggregationRepository() {
     }