Fedora Account System
Red Hat Associate
Red Hat Customer
A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this security feature inadvertently creates an inverse security check. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue.
This issue has been addressed in the following products: Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16 Via RHSA-2026:37390 https://access.redhat.com/errata/RHSA-2026:37390