Search for packages
| purl | pkg:maven/io.undertow/undertow-core@2.0.33 |
| Tags | Ghost |
| Next non-vulnerable version | 2.3.20.Final |
| Latest non-vulnerable version | 2.4.0.Beta1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-beaj-uk9m-17be
Aliases: CVE-2020-27782 GHSA-rhcw-wjcm-9h6g |
Denial of service in Undertow A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This affects Undertow 2.1.5.SP1, 2.0.33.SP2, and 2.2.3.SP1. |
Affected by 19 other vulnerabilities. Affected by 1 other vulnerability. Affected by 16 other vulnerabilities. Affected by 15 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-02T12:37:58.639700+00:00 | GitLab Importer | Affected by | VCID-beaj-uk9m-17be | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2020-27782.yml | 38.0.0 |
| 2026-04-01T15:59:29.982889+00:00 | GHSA Importer | Fixing | VCID-beaj-uk9m-17be | https://github.com/advisories/GHSA-rhcw-wjcm-9h6g | 38.0.0 |
| 2026-04-01T13:06:05.108577+00:00 | GithubOSV Importer | Fixing | VCID-beaj-uk9m-17be | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-rhcw-wjcm-9h6g/GHSA-rhcw-wjcm-9h6g.json | 38.0.0 |