Apache Camel security advisory: CVE-2026-55994
Severity
HIGHSummary
Camel-Iggy: The inbound consumer maps externally-supplied Iggy message user-headers into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling server-side request forgery and disclosure of secrets when bridged to an HTTP producerVersions affected
From 4.17.0 before 4.18.3, from 4.19.0 before 4.21.0.Versions fixed
4.18.3 and 4.21.0Description
The camel-iggy consumer mapped the user-headers of inbound Iggy messages into the Camel Exchange header map without applying any HeaderFilterStrategy (IggyFetchRecords copied the message user-headers straight into the Exchange). Because nothing blocked the Camel header namespace, an actor able to publish to the consumed Iggy stream/topic could set Camel-internal control headers - including CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as message user-headers. In a route where the Iggy consumer feeds a downstream HTTP producer, the injected CamelHttpUri redirects the server-side HTTP request to an attacker-chosen destination (server-side request forgery - for example to an internal service or a cloud metadata endpoint). In addition, the HTTP producer resolves Camel property placeholders on the resulting (attacker-controlled) URI, so placeholders embedded in the injected value - such as an environment-variable reference, an application property, or a vault reference - are resolved to their real values and sent to the attacker, disclosing environment variables, application properties and vault secrets.Notes
The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23532 refers to the various commits that resolved the issue, and have more details. The fix was merged on main in https://github.com/apache/camel/pull/23285 (commit 1e776238202edb9d98972cff558e12b53e499647) and backported to camel-4.18.x (commit 88c43e3af36013585b5483c671950f30e5833a5f). The fix adds a dedicated IggyHeaderFilterStrategy and a headerFilterStrategy endpoint option to camel-iggy, filtering the Camel header namespace case-insensitively on inbound mapping, so attacker-supplied Camel* / camel* headers are no longer copied into the Exchange. The issue is classified as CWE-20 (Improper Input Validation), with the resulting impact when the consumer is bridged to a downstream HTTP producer being CWE-918 (Server-Side Request Forgery) and CWE-200 (Exposure of Sensitive Information). It belongs to the same Camel header-injection family as CVE-2025-27636, CVE-2025-29891, CVE-2025-30177, CVE-2026-40453, CVE-2026-46454 and CVE-2026-47323, and shares its fix (CAMEL-23532) with the sibling advisories CVE-2026-46726 (camel-vertx-websocket) and CVE-2026-55993 (camel-atmosphere-websocket). Scope note: camel-iggy was introduced in 4.17.0 and does not exist on the 4.14.x line, so the 4.14.x release line is not affected; the fix is included in 4.18.3 and 4.21.0.
Mitigation
Users are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. The fix adds a dedicated IggyHeaderFilterStrategy (and a headerFilterStrategy endpoint option) that filters the Camel header namespace case-insensitively on inbound mapping, so externally-supplied Camel* / camel* headers are no longer copied into the Exchange. For deployments that cannot upgrade immediately, strip the Camel control headers from the inbound message before they reach any downstream producer (for example removeHeaders(‘Camel*’) and removeHeaders(‘camel*’) at the start of the route), restrict who can publish to the consumed Iggy stream/topic, and avoid bridging an untrusted consumer directly into an HTTP producer whose target URI can be driven from message headers.Credit
This issue was discovered by Kamalpreet SinghReferences
- PGP signed advisory data: CVE-2026-55994.txt.asc
- Mitre CVE Entry: https://www.cve.org/CVERecord?id=CVE-2026-55994