HawtIO 4.0.0 for Red Hat build of Apache Camel 4 GA Release is now available.
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
spring-security: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated (TRIAGE CVE-2024-22234)
nodejs-ip: arbitrary code execution via the isPublic() function (TRIAGE CVE-2023-42282)
jose4j: denial of service via specially crafted JWE (TRIAGE CVE-2023-51775)
netty-codec-http: Allocation of Resources Without Limits or Throttling (TRIAGE CVE-2024-29025)
follow-redirects: Possible credential leak (TRIAGE CVE-2024-28849)