PSA: There was recently a CVE fix released for Undertow. If you are using that backend, we recommend that you upgrade ASAP to the latest version of http4k (>4.28.0.0). Changelog here edit: To clarify - it's unlikely that you are affected by this, but it will break any CVE security reports that you have in your pipelines, so it's worth upgrading anyway 😉