[jira] [Created] (CAMEL-23373) camel-jms - Disable ObjectMessage by default

Claus Ibsen (Jira) Tue, 28 Apr 2026 04:47:37 -0700

Claus Ibsen created CAMEL-23373:
-----------------------------------

             Summary: camel-jms - Disable ObjectMessage by default
                 Key: CAMEL-23373
                 URL: https://issues.apache.org/jira/browse/CAMEL-23373
             Project: Camel
          Issue Type: Improvement
          Components: camel-jms
            Reporter: Claus Ibsen
             Fix For: 4.21.0



Turn off JMS ObjectMessage by default.

 

Add new option to turn this back on component level.

camel.component.jms.objectMessageEnabled=true

 

Java ObjectMessage over JMS is never really in use, but security reports in 
Java keep coming from all over due to AI can generate a report and spam open 
source projects.

 

Nobody sends java serialized objects over JMS and all serious JMS brokers have 
security enforcements in their broker. But those AI reporters dont care.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (CAMEL-23373) camel-jms - Disable ObjectMessage by default

Reply via email to