Redhat Build Of Apache Camel - Hawtio vulnerabilities

CVE-2026-28368 [HIGH] CWE-444 CVE-2026-28368: A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially cra A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unaut

CVE-2026-28369 [HIGH] CWE-444 CVE-2026-28369: A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line sta A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker t

CVE-2026-3260 [MEDIUM] CWE-770 CVE-2026-3260: A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentia