Search for packages
| purl | pkg:deb/debian/undertow@2.3.8-2?distro=sid |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-jz3d-vvfb-jfbw | Undertow client not checking server identity presented by server certificate in https connections The undertow client is not checking the server identity presented by the server certificate in https connections. This should be performed by default in https and in http/2. |
CVE-2022-4492
GHSA-pfcc-3g6r-8rg8 |
| VCID-usz2-tufg-k7gz | Undertow denial of service vulnerability A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates. |
CVE-2023-1108
GHSA-m4mm-pg93-fv78 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:18:08.890532+00:00 | Debian Importer | Fixing | VCID-jz3d-vvfb-jfbw | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T11:10:34.728346+00:00 | Debian Importer | Fixing | VCID-usz2-tufg-k7gz | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T07:41:23.655345+00:00 | Debian Importer | Fixing | VCID-jz3d-vvfb-jfbw | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T07:35:47.838955+00:00 | Debian Importer | Fixing | VCID-usz2-tufg-k7gz | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:55:45.459305+00:00 | Debian Importer | Fixing | VCID-usz2-tufg-k7gz | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:55:45.434829+00:00 | Debian Importer | Fixing | VCID-jz3d-vvfb-jfbw | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |