| Bug | sid | Description |
|---|
| CVE-2024-7885 | vulnerable | A vulnerability was found in Undertow where the ProxyProtocolReadListe ... |
| CVE-2024-6162 | vulnerable | A vulnerability was found in Undertow, where URL-encoded request paths ... |
| CVE-2024-5971 | vulnerable | A vulnerability was found in Undertow, where the chunked response hang ... |
| CVE-2024-3653 | vulnerable | A vulnerability was found in Undertow. This issue requires enabling th ... |
| CVE-2024-1635 | vulnerable | A vulnerability was found in Undertow. This vulnerability impacts a se ... |
| CVE-2024-1459 | vulnerable | A path traversal vulnerability was found in Undertow. This issue may a ... |
| CVE-2023-5379 | vulnerable | A flaw was found in Undertow. When an AJP request is sent that exceeds ... |
| CVE-2023-4639 | vulnerable | A flaw was found in Undertow, which incorrectly parses cookies with ce ... |
| CVE-2023-3223 | vulnerable | A flaw was found in undertow. Servlets annotated with @MultipartConfig ... |
| CVE-2023-1973 | vulnerable | A flaw was found in Undertow package. Using the FormAuthenticationMech ... |
| Bug | Description |
|---|
| CVE-2023-1108 | A flaw was found in undertow. This issue makes achieving a denial of s ... |
| CVE-2022-4492 | The undertow client is not checking the server identity presented by t ... |
| CVE-2022-2764 | A flaw was found in Undertow. Denial of service can be achieved as Und ... |
| CVE-2022-2053 | When a POST request comes through AJP and the request exceeds the max- ... |
| CVE-2022-1319 | A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improp ... |
| CVE-2022-1259 | A flaw was found in Undertow. A potential security issue in flow contr ... |
| CVE-2021-20220 | A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ... |
| CVE-2021-3859 | A flaw was found in Undertow that tripped the client-side invocation t ... |
| CVE-2021-3690 | A flaw was found in Undertow. A buffer leak on the incoming WebSocket ... |
| CVE-2021-3629 | A flaw was found in Undertow. A potential security issue in flow contr ... |
| CVE-2021-3597 | A flaw was found in undertow. The HTTP2SourceChannel fails to write th ... |
| CVE-2020-27782 | A flaw was found in the Undertow AJP connector. Malicious requests and ... |
| CVE-2020-10719 | A flaw was found in Undertow in versions before 2.1.1.Final, regarding ... |
| CVE-2020-10705 | A flaw was discovered in Undertow in versions before Undertow 2.1.1.Fi ... |
| CVE-2020-10687 | A flaw was discovered in all versions of Undertow before Undertow 2.2. ... |
| CVE-2020-1757 | A flaw was found in all undertow-2.x.x SP1 versions prior to undertow- ... |
| CVE-2020-1745 | A file inclusion vulnerability was found in the AJP connector enabled ... |
| CVE-2019-19343 | A flaw was found in Undertow when using Remoting as shipped in Red Hat ... |
| CVE-2019-14888 | A vulnerability was found in the Undertow HTTP server in versions befo ... |
| CVE-2019-10212 | A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for i ... |
| CVE-2019-10184 | undertow before version 2.0.23.Final is vulnerable to an information l ... |
| CVE-2019-3888 | A vulnerability was found in Undertow web server before 2.0.21. An inf ... |
| CVE-2018-14642 | An information leak vulnerability was found in Undertow. If all header ... |
| CVE-2018-1114 | It was found that URLResource.getLastModified() in Undertow closes the ... |
| CVE-2018-1067 | In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the ... |
| CVE-2018-1048 | It was found that the AJP connector in undertow, as shipped in Jboss E ... |
| CVE-2017-12196 | undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was fou ... |
| CVE-2017-12165 | It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 proces ... |
| CVE-2017-7559 | In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1. ... |
| CVE-2017-2670 | It was found in Undertow before 1.3.28 that with non-clean TCP close, ... |
| CVE-2017-2666 | It was discovered in Undertow that the code that parsed the HTTP reque ... |
| CVE-2016-7046 | Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating ... |
| CVE-2016-4993 | CRLF injection vulnerability in the Undertow web server in WildFly 10. ... |
| CVE-2014-7816 | Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.1 ... |