Search for packages
Package details: pkg:maven/io.undertow/undertow-core@2.3.19.Final
purl pkg:maven/io.undertow/undertow-core@2.3.19.Final
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-154w-25yj-47ez Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse # Withdrawn Advisory This advisory has been withdrawn because it was determined to not be a valid vulnerability. This link is maintained to preserve external references. For more information, see https://nvd.nist.gov/vuln/detail/CVE-2024-4109. # Original Description A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. CVE-2024-4109
GHSA-22c5-cpvr-cfvq

Date Actor Action Vulnerability Source VulnerableCode Version
2025-09-09T17:54:31.190646+00:00 GitLab Importer Fixing VCID-154w-25yj-47ez https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 37.0.0