Information on source package undertow

Available versions

ReleaseVersion
sid2.3.8-2

Open issues

BugsidDescription
CVE-2024-7885vulnerableA vulnerability was found in Undertow where the ProxyProtocolReadListe ...
CVE-2024-6162vulnerableA vulnerability was found in Undertow, where URL-encoded request paths ...
CVE-2024-5971vulnerableA vulnerability was found in Undertow, where the chunked response hang ...
CVE-2024-3653vulnerableA vulnerability was found in Undertow. This issue requires enabling th ...
CVE-2024-1635vulnerableA vulnerability was found in Undertow. This vulnerability impacts a se ...
CVE-2024-1459vulnerableA path traversal vulnerability was found in Undertow. This issue may a ...
CVE-2023-5379vulnerableA flaw was found in Undertow. When an AJP request is sent that exceeds ...
CVE-2023-4639vulnerableCookie Smuggling/Spoofing
CVE-2023-3223vulnerableA flaw was found in undertow. Servlets annotated with @MultipartConfig ...
CVE-2023-1973vulnerableA flaw was found in Undertow package. Using the FormAuthenticationMech ...

Resolved issues

BugDescription
CVE-2023-1108A flaw was found in undertow. This issue makes achieving a denial of s ...
CVE-2022-4492The undertow client is not checking the server identity presented by t ...
CVE-2022-2764A flaw was found in Undertow. Denial of service can be achieved as Und ...
CVE-2022-2053When a POST request comes through AJP and the request exceeds the max- ...
CVE-2022-1319A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improp ...
CVE-2022-1259A flaw was found in Undertow. A potential security issue in flow contr ...
CVE-2021-20220A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ...
CVE-2021-3859A flaw was found in Undertow that tripped the client-side invocation t ...
CVE-2021-3690A flaw was found in Undertow. A buffer leak on the incoming WebSocket ...
CVE-2021-3629A flaw was found in Undertow. A potential security issue in flow contr ...
CVE-2021-3597A flaw was found in undertow. The HTTP2SourceChannel fails to write th ...
CVE-2020-27782A flaw was found in the Undertow AJP connector. Malicious requests and ...
CVE-2020-10719A flaw was found in Undertow in versions before 2.1.1.Final, regarding ...
CVE-2020-10705A flaw was discovered in Undertow in versions before Undertow 2.1.1.Fi ...
CVE-2020-10687A flaw was discovered in all versions of Undertow before Undertow 2.2. ...
CVE-2020-1757A flaw was found in all undertow-2.x.x SP1 versions prior to undertow- ...
CVE-2020-1745A file inclusion vulnerability was found in the AJP connector enabled ...
CVE-2019-19343A flaw was found in Undertow when using Remoting as shipped in Red Hat ...
CVE-2019-14888A vulnerability was found in the Undertow HTTP server in versions befo ...
CVE-2019-10212A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for i ...
CVE-2019-10184undertow before version 2.0.23.Final is vulnerable to an information l ...
CVE-2019-3888A vulnerability was found in Undertow web server before 2.0.21. An inf ...
CVE-2018-14642An information leak vulnerability was found in Undertow. If all header ...
CVE-2018-1114It was found that URLResource.getLastModified() in Undertow closes the ...
CVE-2018-1067In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the ...
CVE-2018-1048It was found that the AJP connector in undertow, as shipped in Jboss E ...
CVE-2017-12196undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was fou ...
CVE-2017-12165It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 proces ...
CVE-2017-7559In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1. ...
CVE-2017-2670It was found in Undertow before 1.3.28 that with non-clean TCP close, ...
CVE-2017-2666It was discovered in Undertow that the code that parsed the HTTP reque ...
CVE-2016-7046Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating ...
CVE-2016-4993CRLF injection vulnerability in the Undertow web server in WildFly 10. ...
CVE-2014-7816Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.1 ...

Security announcements

DSA / DLADescription
DSA-3906-1undertow - security update

Search for package or bug name: Reporting problems