Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/undertow@1.4.3-1?distro=sid
purl pkg:deb/debian/undertow@1.4.3-1?distro=sid
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-ay2f-3xcv-dqdc Improper Neutralization of CRLF Sequences in HTTP Headers CRLF injection vulnerability in the Undertow web server allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. CVE-2016-4993
GHSA-qcqr-hcjq-whfq
VCID-y5s2-w88t-8uhx Uncontrolled Resource Consumption Remote attackers could cause a denial of service (CPU and disk consumption) via a long URL. CVE-2016-7046
GHSA-3f57-w2rp-72fc

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T11:33:40.592680+00:00 Debian Importer Fixing VCID-ay2f-3xcv-dqdc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:02:42.042957+00:00 Debian Importer Fixing VCID-y5s2-w88t-8uhx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:52:53.799489+00:00 Debian Importer Fixing VCID-ay2f-3xcv-dqdc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:44:18.070169+00:00 Debian Importer Fixing VCID-y5s2-w88t-8uhx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:55:44.738490+00:00 Debian Importer Fixing VCID-y5s2-w88t-8uhx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:55:44.713437+00:00 Debian Importer Fixing VCID-ay2f-3xcv-dqdc https://security-tracker.debian.org/tracker/data/json 38.1.0