Search for packages
| purl | pkg:maven/io.undertow/undertow-core@2.2.28.Final |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3xp2-cf3t-aaak
Aliases: CVE-2024-1459 GHSA-v76w-3ph8-vm66 |
undertow: directory traversal vulnerability |
Affected by 9 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-5kpp-fmnn-aaaa
Aliases: CVE-2024-3653 GHSA-ch7q-gpff-h9hp |
undertow: LearningPushHandler can lead to remote memory DoS attacks |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-5r27-rz68-aaak
Aliases: CVE-2023-1973 GHSA-97cq-f4jm-mv8h |
undertow: unrestricted request storage leads to memory exhaustion |
Affected by 8 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-5w7z-gku5-aaad
Aliases: CVE-2024-1635 GHSA-w6qf-42m7-vh68 |
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak. |
Affected by 9 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-aekd-gxd5-aaab
Aliases: CVE-2024-6162 GHSA-9442-gm4v-r222 |
undertow: url-encoded request path information can be broken on ajp-listener |
Affected by 6 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-bj7m-y5ft-aaab
Aliases: CVE-2023-5379 |
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by mod_cluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because mod_proxy_cluster marks the JBoss EAP instance as an error worker when the TCP connection is closed from the backend after sending the AJP request without receiving an AJP response, and stops forwarding. This issue could allow a malicious user could to repeatedly send requests that exceed the max-header-size, causing a Denial of Service (DoS). |
Affected by 8 other vulnerabilities. |
|
VCID-f6a4-nmup-aaaq
Aliases: CVE-2023-1108 GHSA-m4mm-pg93-fv78 |
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates. |
Affected by 9 other vulnerabilities. |
|
VCID-mg72-p5nt-4bg8
Aliases: CVE-2024-4109 GHSA-22c5-cpvr-cfvq |
A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. | There are no reported fixed by versions. |
|
VCID-tp84-pqr2-jufg
Aliases: CVE-2024-7885 GHSA-9623-mqmm-5rcf |
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments. |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-urfc-w8hp-aaak
Aliases: CVE-2024-5971 GHSA-xpp6-8r3j-ww43 |
undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-uyp8-req2-aaag
Aliases: CVE-2022-4492 GHSA-pfcc-3g6r-8rg8 |
Undertow client not checking server identity presented by server certificate in https connections |
Affected by 9 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||