Search for packages
Package details: pkg:maven/io.undertow/undertow-core@2.3.18.Final
purl pkg:maven/io.undertow/undertow-core@2.3.18.Final
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-mg72-p5nt-4bg8
Aliases:
CVE-2024-4109
GHSA-22c5-cpvr-cfvq
A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:13:53.521676+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.1.3
2025-06-03T23:49:20.606088+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.1.0
2025-06-02T23:48:04.460012+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.1.2
2025-03-28T16:49:24.148927+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 36.0.0
2025-01-17T02:47:53.224391+00:00 GHSA Importer Affected by VCID-mg72-p5nt-4bg8 https://github.com/advisories/GHSA-22c5-cpvr-cfvq 35.1.0
2025-01-16T23:28:56.728782+00:00 GitLab Importer Affected by VCID-mg72-p5nt-4bg8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2024-4109.yml 35.1.0
2024-12-13T09:04:50.734510+00:00 GHSA Importer Affected by VCID-mg72-p5nt-4bg8 https://github.com/advisories/GHSA-22c5-cpvr-cfvq 35.0.0