io.undertow:undertow-core@2.3.12.Final vulnerabilities

latest version

2.3.12.Final
first published

11 years ago
latest version published

2 months ago
licenses detected
- Apache-2.0
  [1.0.0.Alpha1,)
package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the io.undertow:undertow-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Improper Input Validation io.undertow:undertow-core is a Java web server based on non-blocking IO. Affected versions of this package are vulnerable to Improper Input Validation via the `FormAuthenticationMechanism`. An attacker can exhaust the server's memory, leading to a Denial of Service by sending crafted requests that cause an OutofMemory error. How to fix Improper Input Validation? Upgrade `io.undertow:undertow-core` to version 2.3.13.Final or higher.	[,2.3.13.Final)

Improper Input Validation

io.undertow:undertow-core is a Java web server based on non-blocking IO.

Affected versions of this package are vulnerable to Improper Input Validation via the FormAuthenticationMechanism. An attacker can exhaust the server's memory, leading to a Denial of Service by sending crafted requests that cause an OutofMemory error.

How to fix Improper Input Validation?

Upgrade io.undertow:undertow-core to version 2.3.13.Final or higher.

[,2.3.13.Final)

Go back to all versions of this package

io.undertow:undertow-core@2.3.12.Final vulnerabilities

latest version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities