Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.undertow/undertow-parent@2.2.24.Final
purl pkg:maven/io.undertow/undertow-parent@2.2.24.Final
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-7yc7-e35f-8uhj Uncontrolled Resource Consumption A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. CVE-2023-3223
GHSA-65h2-wf7m-q2v8

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:39:30.063027+00:00 GitLab Importer Fixing VCID-7yc7-e35f-8uhj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-parent/CVE-2023-3223.yml 38.4.0
2026-04-11T23:58:57.073280+00:00 GitLab Importer Fixing VCID-7yc7-e35f-8uhj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-parent/CVE-2023-3223.yml 38.3.0
2026-04-03T00:02:01.323273+00:00 GitLab Importer Fixing VCID-7yc7-e35f-8uhj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-parent/CVE-2023-3223.yml 38.1.0
2026-04-02T17:00:19.923509+00:00 GHSA Importer Fixing VCID-7yc7-e35f-8uhj https://github.com/advisories/GHSA-65h2-wf7m-q2v8 38.1.0
2026-04-01T12:57:52.189371+00:00 GithubOSV Importer Fixing VCID-7yc7-e35f-8uhj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-65h2-wf7m-q2v8/GHSA-65h2-wf7m-q2v8.json 38.0.0
2026-04-01T12:51:52.412427+00:00 GitLab Importer Fixing VCID-7yc7-e35f-8uhj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-parent/CVE-2023-3223.yml 38.0.0