Search for packages
| purl | pkg:maven/io.undertow/undertow-core@2.2.1.Final |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3xp2-cf3t-aaak
Aliases: CVE-2024-1459 GHSA-v76w-3ph8-vm66 |
undertow: directory traversal vulnerability |
Affected by 9 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-5kpp-fmnn-aaaa
Aliases: CVE-2024-3653 GHSA-ch7q-gpff-h9hp |
undertow: LearningPushHandler can lead to remote memory DoS attacks |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-5r27-rz68-aaak
Aliases: CVE-2023-1973 GHSA-97cq-f4jm-mv8h |
undertow: unrestricted request storage leads to memory exhaustion |
Affected by 8 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-5w7z-gku5-aaad
Aliases: CVE-2024-1635 GHSA-w6qf-42m7-vh68 |
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak. |
Affected by 9 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-5y4u-f2nk-aaac
Aliases: CVE-2021-3690 GHSA-fj7c-vg2v-ccrm GMS-2022-2964 |
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability. |
Affected by 0 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-732h-twxw-aaap
Aliases: CVE-2022-2053 GHSA-95rf-557x-44g5 |
CVE-2022-2053 undertow: Large AJP request may cause DoS |
Affected by 3 other vulnerabilities. Affected by 15 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-93ug-x19e-aaab
Aliases: CVE-2022-1259 |
CVE-2022-1259 undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) |
Affected by 12 other vulnerabilities. |
|
VCID-aekd-gxd5-aaab
Aliases: CVE-2024-6162 GHSA-9442-gm4v-r222 |
undertow: url-encoded request path information can be broken on ajp-listener |
Affected by 6 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-b1av-s4ht-aaan
Aliases: CVE-2021-3597 GHSA-mfhv-gwf8-4m88 |
Race condition in undertow |
Affected by 19 other vulnerabilities. |
|
VCID-bj7m-y5ft-aaab
Aliases: CVE-2023-5379 |
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by mod_cluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because mod_proxy_cluster marks the JBoss EAP instance as an error worker when the TCP connection is closed from the backend after sending the AJP request without receiving an AJP response, and stops forwarding. This issue could allow a malicious user could to repeatedly send requests that exceed the max-header-size, causing a Denial of Service (DoS). |
Affected by 8 other vulnerabilities. |
|
VCID-f6a4-nmup-aaaq
Aliases: CVE-2023-1108 GHSA-m4mm-pg93-fv78 |
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates. |
Affected by 10 other vulnerabilities. Affected by 11 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
VCID-ga84-mep2-aaar
Aliases: CVE-2021-3629 GHSA-rf6q-vx79-mjxr |
Uncontrolled Resource Consumption in Undertow |
Affected by 0 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-mg72-p5nt-4bg8
Aliases: CVE-2024-4109 GHSA-22c5-cpvr-cfvq |
A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. | There are no reported fixed by versions. |
|
VCID-mj17-qddr-aaaa
Aliases: CVE-2021-3859 GHSA-339q-62wm-c39w GMS-2022-2963 |
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks. |
Affected by 0 other vulnerabilities. Affected by 16 other vulnerabilities. |
|
VCID-sssr-kebe-aaah
Aliases: CVE-2022-2764 |
CVE-2022-2764 Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations |
Affected by 15 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-svnw-xs65-aaam
Aliases: CVE-2023-3223 GHSA-65h2-wf7m-q2v8 |
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. |
Affected by 10 other vulnerabilities. |
|
VCID-tp84-pqr2-jufg
Aliases: CVE-2024-7885 GHSA-9623-mqmm-5rcf |
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments. |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-tw4d-xnwu-aaah
Aliases: CVE-2022-1319 |
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG. |
Affected by 0 other vulnerabilities. Affected by 15 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-urfc-w8hp-aaak
Aliases: CVE-2024-5971 GHSA-xpp6-8r3j-ww43 |
undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-uyp8-req2-aaag
Aliases: CVE-2022-4492 GHSA-pfcc-3g6r-8rg8 |
Undertow client not checking server identity presented by server certificate in https connections |
Affected by 0 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 9 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||