Homepage

eap7-undertow-server vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the eap7-undertow-server package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

<0:1.9.4-1.Final_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.9.4-1.Final_redhat_00001.1.el7eap
  • H
Truncation of Security-relevant Information

<0:1.9.4-1.Final_redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:1.9.4-1.Final_redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:1.9.4-1.Final_redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Improperly Implemented Security Check for Standard

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Race Condition

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Allocation of Resources Without Limits or Throttling

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Incorrect Authorization

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Privilege Context Switching Error

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Insufficiently Protected Credentials

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • M
Cross-site Scripting (XSS)

<0:1.6.3-1.Final_redhat_00001.1.el7eap
  • H
Directory Traversal

<0:1.2.5-1.Final_redhat_00001.1.el7eap
  • H
Improper Authorization

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Exposed Dangerous Method or Function

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Session Fixation

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Directory Traversal

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • M
Cleartext Transmission of Sensitive Information

<0:1.0.2-1.Final_redhat_00001.1.ep7.el7
  • H
HTTP Request Smuggling

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Information Exposure

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Out-of-Bounds

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Access Restriction Bypass

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Improper Authorization

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
XML External Entity (XXE) Injection

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
SQL Injection

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Information Exposure

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Out-of-bounds Read

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Improper Access Control

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Information Exposure

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Directory Traversal

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Arbitrary Code Injection

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • M
Information Exposure

<0:1.2.3-2.Final_redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:1.6.1-1.Final_redhat_00001.1.el7eap
  • H
Improper Resource Shutdown or Release

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • M
HTTP Request Smuggling

<0:1.6.3-1.Final_redhat_00001.1.el7eap
  • H
Out-of-Bounds

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
HTTP Response Splitting

<0:1.0.1-1.Final_redhat_1.1.ep7.el7
  • H
Cross-site Request Forgery (CSRF)

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.4-1.Final_redhat_00001.1.el7eap
  • H
Static Code Injection

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Static Code Injection

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:1.2.5-1.Final_redhat_00001.1.el7eap
  • H
XML External Entity (XXE) Injection

<0:1.6.2-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.5-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.5-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.5-1.Final_redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.2.5-1.Final_redhat_00001.1.el7eap