Search for packages
Package details: pkg:maven/io.undertow/undertow-core@2.3.13.Final
purl pkg:maven/io.undertow/undertow-core@2.3.13.Final
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-5kpp-fmnn-aaaa
Aliases:
CVE-2024-3653
GHSA-ch7q-gpff-h9hp
undertow: LearningPushHandler can lead to remote memory DoS attacks
2.3.15.Final
Affected by 2 other vulnerabilities.
VCID-aekd-gxd5-aaab
Aliases:
CVE-2024-6162
GHSA-9442-gm4v-r222
undertow: url-encoded request path information can be broken on ajp-listener
2.3.14.Final
Affected by 4 other vulnerabilities.
VCID-mg72-p5nt-4bg8
Aliases:
CVE-2024-4109
GHSA-22c5-cpvr-cfvq
A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. There are no reported fixed by versions.
VCID-tp84-pqr2-jufg
Aliases:
CVE-2024-7885
GHSA-9623-mqmm-5rcf
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.
2.3.16.Final
Affected by 2 other vulnerabilities.
2.3.17.Final
Affected by 1 other vulnerability.
VCID-urfc-w8hp-aaak
Aliases:
CVE-2024-5971
GHSA-xpp6-8r3j-ww43
undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket
2.3.15.Final
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-5r27-rz68-aaak undertow: unrestricted request storage leads to memory exhaustion CVE-2023-1973
GHSA-97cq-f4jm-mv8h

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:13:53.512256+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.1.3
2025-06-20T17:11:32.431297+00:00 GitLab Importer Fixing VCID-5r27-rz68-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2023-1973.yml 36.1.3
2025-06-20T17:06:40.389378+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 36.1.3
2025-06-20T17:04:55.673161+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 36.1.3
2025-06-20T17:04:45.113890+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 36.1.3
2025-06-20T17:04:06.727528+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 36.1.3
2025-06-03T23:49:20.597665+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.1.0
2025-06-03T23:47:21.725169+00:00 GitLab Importer Fixing VCID-5r27-rz68-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2023-1973.yml 36.1.0
2025-06-03T23:42:50.192536+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 36.1.0
2025-06-03T23:41:13.451084+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 36.1.0
2025-06-03T23:41:02.794028+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 36.1.0
2025-06-03T23:40:27.322414+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 36.1.0
2025-06-02T23:48:04.449916+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.1.2
2025-06-02T23:45:55.364002+00:00 GitLab Importer Fixing VCID-5r27-rz68-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2023-1973.yml 36.1.2
2025-06-02T23:41:06.984877+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 36.1.2
2025-06-02T23:39:28.401593+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 36.1.2
2025-06-02T23:39:17.887933+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 36.1.2
2025-06-02T23:38:43.369940+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 36.1.2
2025-04-03T22:36:29.414806+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.0.0
2025-04-03T22:31:39.039287+00:00 GitLab Importer Fixing VCID-5r27-rz68-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2023-1973.yml 36.0.0
2025-04-03T22:21:01.159360+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 36.0.0
2025-04-03T22:18:04.691674+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 36.0.0
2025-04-03T22:17:48.230570+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 36.0.0
2025-04-03T22:16:32.880110+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 36.0.0
2025-02-18T04:25:30.690089+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 35.1.0
2025-02-18T04:17:29.905630+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 35.1.0
2025-02-18T04:17:14.752885+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 35.1.0
2025-02-18T04:04:17.824041+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 35.1.0
2025-02-18T04:00:23.883410+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 35.1.0
2025-02-18T03:03:56.071498+00:00 GitLab Importer Fixing VCID-5r27-rz68-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2023-1973.yml 35.1.0
2024-12-13T05:20:37.796401+00:00 GitLab Importer Fixing VCID-5r27-rz68-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2023-1973.yml 35.0.0
2024-11-21T01:20:36.250036+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 35.0.0
2024-11-21T01:19:45.833656+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 35.0.0
2024-11-21T01:19:35.606895+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 35.0.0
2024-11-21T01:10:18.413680+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 35.0.0
2024-11-19T19:44:28.304541+00:00 GHSA Importer Fixing VCID-5r27-rz68-aaak https://github.com/advisories/GHSA-97cq-f4jm-mv8h 34.3.2
2024-11-19T01:06:56.192922+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 34.3.2
2024-11-19T01:06:11.251261+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 34.3.2
2024-11-19T01:06:01.392801+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 34.3.2
2024-11-19T00:59:01.176124+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 34.3.2
2024-11-19T00:43:24.306469+00:00 GithubOSV Importer Fixing VCID-5r27-rz68-aaak https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-97cq-f4jm-mv8h/GHSA-97cq-f4jm-mv8h.json 34.3.2
2024-10-08T01:42:31.316978+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 34.0.2
2024-10-08T01:42:12.372470+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 34.0.2
2024-10-08T01:42:05.125899+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 34.0.2
2024-10-08T01:36:57.356706+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 34.0.2
2024-10-07T22:33:32.383617+00:00 GHSA Importer Affected by VCID-tp84-pqr2-jufg https://github.com/advisories/GHSA-9623-mqmm-5rcf 34.0.2
2024-10-07T22:32:31.357872+00:00 GHSA Importer Affected by VCID-aekd-gxd5-aaab https://github.com/advisories/GHSA-9442-gm4v-r222 34.0.2
2024-10-07T22:32:19.424887+00:00 GHSA Importer Affected by VCID-urfc-w8hp-aaak https://github.com/advisories/GHSA-xpp6-8r3j-ww43 34.0.2
2024-10-07T22:15:44.698530+00:00 GHSA Importer Affected by VCID-5kpp-fmnn-aaaa https://github.com/advisories/GHSA-ch7q-gpff-h9hp 34.0.2
2024-09-23T01:44:52.046394+00:00 GitLab Importer Affected by VCID-tp84-pqr2-jufg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-7885.yml 34.0.1
2024-09-23T01:44:36.728685+00:00 GitLab Importer Affected by VCID-aekd-gxd5-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-6162.yml 34.0.1
2024-09-23T01:44:31.179657+00:00 GitLab Importer Affected by VCID-urfc-w8hp-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-5971.yml 34.0.1
2024-09-23T01:34:15.316766+00:00 GitLab Importer Affected by VCID-5kpp-fmnn-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-3653.yml 34.0.1
2024-09-22T22:51:41.850504+00:00 GHSA Importer Affected by VCID-tp84-pqr2-jufg https://github.com/advisories/GHSA-9623-mqmm-5rcf 34.0.1
2024-09-22T22:50:38.416680+00:00 GHSA Importer Affected by VCID-aekd-gxd5-aaab https://github.com/advisories/GHSA-9442-gm4v-r222 34.0.1
2024-09-22T22:50:27.202109+00:00 GHSA Importer Affected by VCID-urfc-w8hp-aaak https://github.com/advisories/GHSA-xpp6-8r3j-ww43 34.0.1
2024-09-22T22:42:21.202132+00:00 GHSA Importer Affected by VCID-5kpp-fmnn-aaaa https://github.com/advisories/GHSA-ch7q-gpff-h9hp 34.0.1