This is an automated email from the ASF dual-hosted git repository.

oscerd pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-website.git

commit b071de76d699132ac99c8a4500be772952e4066c
Author: Andrea Cosentino <[email protected]>
AuthorDate: Thu Jun 18 10:47:05 2026 +0200

    Focus CVE-2026-46726 on camel-vertx-websocket only
    
    Now that camel-atmosphere-websocket and camel-iggy have dedicated 
advisories (CVE-2026-55993, CVE-2026-55994), narrow CVE-2026-46726 to 
camel-vertx-websocket: trim the summary (title) and description to that single 
component, focus the fix note on VertxWebsocketHeaderFilterStrategy, and 
replace the per-component scope note with cross-references to the two sibling 
advisories. The .txt.asc is re-signed. The sibling advisories were reviewed and 
already single-component with matching cros [...]
    
    Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
    Signed-off-by: Andrea Cosentino <[email protected]>
---
 content/security/CVE-2026-46726.md      |  6 +++---
 content/security/CVE-2026-46726.txt.asc | 22 +++++++++++-----------
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/content/security/CVE-2026-46726.md 
b/content/security/CVE-2026-46726.md
index 38fd63af..c368100e 100644
--- a/content/security/CVE-2026-46726.md
+++ b/content/security/CVE-2026-46726.md
@@ -6,12 +6,12 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46726
 severity: HIGH
-summary: "Camel-Vertx-Websocket, Camel-Atmosphere-Websocket and Camel-Iggy: 
Inbound consumers map externally-supplied parameters into the Exchange without 
a HeaderFilterStrategy, allowing injection of Camel control headers - enabling 
server-side request forgery and disclosure of secrets through the 
vertx-websocket consumer"
-description: "The camel-vertx-websocket consumer mapped inbound WebSocket 
query and path parameters into the Camel Exchange header map without applying 
any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). 
Because nothing blocked the Camel header namespace, a client connecting to the 
WebSocket endpoint could set Camel-internal control headers - including 
CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query 
parameters. In a route where the WebSocket  [...]
+summary: "Camel-Vertx-Websocket: The inbound consumer maps externally-supplied 
WebSocket query and path parameters into the Exchange without a 
HeaderFilterStrategy, allowing injection of Camel control headers - enabling 
server-side request forgery and disclosure of secrets when bridged to an HTTP 
producer"
+description: "The camel-vertx-websocket consumer mapped inbound WebSocket 
query and path parameters into the Camel Exchange header map without applying 
any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). 
Because nothing blocked the Camel header namespace, a client connecting to the 
WebSocket endpoint could set Camel-internal control headers - including 
CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query 
parameters. In a route where the WebSocket  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes the affected 
consumers apply a HeaderFilterStrategy that filters the Camel header namespace 
case-insensitively on inbound mapping, so externally-supplied Camel* / camel* 
headers are no longer copied into th [...]
 credit: "This issue was discovered by Kamalpreet Singh"
 affected: "From 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 
before 4.21.0."
 fixed: 4.14.8, 4.18.3 and 4.21.0
 ---
 
-The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23532 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23285 (commit 
1e776238202edb9d98972cff558e12b53e499647) and backported to camel-4.18.x 
(commit 88c43e3af36013585b5483c671950f30e5833a5f) and camel-4.14.x (commit 
508fc15deca97ba373eb3881a00e220eab9ec428). The fix adds a dedicated 
HeaderFilterStrategy to each affected consumer - a [...]
+The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23532 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23285 (commit 
1e776238202edb9d98972cff558e12b53e499647) and backported to camel-4.18.x 
(commit 88c43e3af36013585b5483c671950f30e5833a5f) and camel-4.14.x (commit 
508fc15deca97ba373eb3881a00e220eab9ec428). The fix adds a dedicated 
VertxWebsocketHeaderFilterStrategy and a headerFil [...]
diff --git a/content/security/CVE-2026-46726.txt.asc 
b/content/security/CVE-2026-46726.txt.asc
index 7749e26a..60b43a0e 100644
--- a/content/security/CVE-2026-46726.txt.asc
+++ b/content/security/CVE-2026-46726.txt.asc
@@ -9,23 +9,23 @@ draft: false
 type: security-advisory
 cve: CVE-2026-46726
 severity: HIGH
-summary: "Camel-Vertx-Websocket, Camel-Atmosphere-Websocket and Camel-Iggy: 
Inbound consumers map externally-supplied parameters into the Exchange without 
a HeaderFilterStrategy, allowing injection of Camel control headers - enabling 
server-side request forgery and disclosure of secrets through the 
vertx-websocket consumer"
-description: "The camel-vertx-websocket consumer mapped inbound WebSocket 
query and path parameters into the Camel Exchange header map without applying 
any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). 
Because nothing blocked the Camel header namespace, a client connecting to the 
WebSocket endpoint could set Camel-internal control headers - including 
CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query 
parameters. In a route where the WebSocket  [...]
+summary: "Camel-Vertx-Websocket: The inbound consumer maps externally-supplied 
WebSocket query and path parameters into the Exchange without a 
HeaderFilterStrategy, allowing injection of Camel control headers - enabling 
server-side request forgery and disclosure of secrets when bridged to an HTTP 
producer"
+description: "The camel-vertx-websocket consumer mapped inbound WebSocket 
query and path parameters into the Camel Exchange header map without applying 
any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). 
Because nothing blocked the Camel header namespace, a client connecting to the 
WebSocket endpoint could set Camel-internal control headers - including 
CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query 
parameters. In a route where the WebSocket  [...]
 mitigation: "Users are recommended to upgrade to version 4.21.0, which fixes 
the issue. If users are on the 4.14.x LTS releases stream, then they are 
suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, 
then they are suggested to upgrade to 4.18.3. The fix makes the affected 
consumers apply a HeaderFilterStrategy that filters the Camel header namespace 
case-insensitively on inbound mapping, so externally-supplied Camel* / camel* 
headers are no longer copied into th [...]
 credit: "This issue was discovered by Kamalpreet Singh"
 affected: "From 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 
before 4.21.0."
 fixed: 4.14.8, 4.18.3 and 4.21.0
 - ---
 
-The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23532 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23285 (commit 
1e776238202edb9d98972cff558e12b53e499647) and backported to camel-4.18.x 
(commit 88c43e3af36013585b5483c671950f30e5833a5f) and camel-4.14.x (commit 
508fc15deca97ba373eb3881a00e220eab9ec428). The fix adds a dedicated 
HeaderFilterStrategy to each affected consumer - a [...]
+The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23532 refers to 
the various commits that resolved the issue, and have more details. The fix was 
merged on main in https://github.com/apache/camel/pull/23285 (commit 
1e776238202edb9d98972cff558e12b53e499647) and backported to camel-4.18.x 
(commit 88c43e3af36013585b5483c671950f30e5833a5f) and camel-4.14.x (commit 
508fc15deca97ba373eb3881a00e220eab9ec428). The fix adds a dedicated 
VertxWebsocketHeaderFilterStrategy and a headerFil [...]
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmozrAoACgkQ406fOAL/
-QQBrTAf/al2aZxYukhrMwEBny1REGyhlNf1o7IcWExkk1XgT6XAH2ZvFLRp8LuHm
-nJvptZMY+0Y8pOaEfi0n45wkiuSNCc13zHrV8FAJrML4M2+Tb3wXl/MXLXrDJo34
-5E/fTkEh93jT/DIfYAp1oIT9Ma6pjH6MhAyJ7jyN8XveRgT/2urAE/ebxaWoKuWy
-tvBaBD/2mOQfNKzBWTteFTN6PCyedyw86juERZUyIuN3fKtstEvIk7KUp2n9FC1Q
-wawpMTCuN5m0BX0EcFgeijqmTD3FoUzd2d0M/k+2iF5xdE31FruTvjYKDSPjcaoF
-d1FWV3kzOi6vEaZG4mKpXJvDJgq5DA==
-=em6K
+iQEzBAEBCgAdFiEEJ2Y0ButtuvUpHyYV406fOAL/QQAFAmozsGoACgkQ406fOAL/
+QQDWkAf/bG5bSlItv+LPhqZ9AGpXrB4SO17WNvemLDCxgnlQpR02RW+DzGr73h1+
+V6r0Ic+frI02u3OvGbtwJLrciz4FsLEmdRLaePgmWyu6r5TIjAvMfud+EU++oyPj
+polc/3hXOFj3dUKQx/gZTTJh/hjDfh2lqKCUQH0v2i+9ya/yRiB2MA6S7lVKU2uI
+XbPPR0jZybzvtr9U0a7dXSs1tUFAi/fzkP9Aafa5KsHHsDLOGfcVGf0wC8ckLPXZ
+pGTGJdivAzBc8TbL45k4tcHXZ2S5d+SeBFAQ7KsMH/X7d5d6vgRbcxGhhOhwkb/t
+V1dnhli9I6mvjCSU1llE9j+ktkz22g==
+=R382
 -----END PGP SIGNATURE-----

Reply via email to