Lucene search
K

undertow: Information leak in requests for directories without trailing slashes

🗓️ 14 Oct 2019 18:29:54Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 5 Views

Undertow before version 2.0.23.Final leaks directory structure via requests without trailing slashes.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
CNVD
Red Hat Undertow Information Disclosure Vulnerability (CNVD-2019-24570)
26 Jul 201900:00
cnvd
CVE
CVE-2019-10184
25 Jul 201920:35
cve
Cvelist
CVE-2019-10184
25 Jul 201920:35
cvelist
Debian CVE
CVE-2019-10184
25 Jul 201920:35
debiancve
EUVD
EUVD-2019-0642
7 Oct 202500:30
euvd
Github Security Blog
Undertow Missing Authorization when requesting a protected directory without trailing slash
1 Aug 201919:18
github
NVD
CVE-2019-10184
25 Jul 201921:15
nvd
OSV
CVE-2019-10184
25 Jul 201921:15
osv
OSV
DEBIAN-CVE-2019-10184
25 Jul 201921:15
osv
OSV
GHSA-W69W-JVC7-WJGV Undertow Missing Authorization when requesting a protected directory without trailing slash
1 Aug 201919:18
osv
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux7anyrh-sso7-keycloak0:4.8.13-1.Final_redhat_00001.1.el7sso.noarchrh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch.noarch.rpm
Red Hat Enterprise Linux7anyrh-sso7-keycloak-server0:4.8.13-1.Final_redhat_00001.1.el7sso.noarchrh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch.noarch.rpm
Red Hat Enterprise Linux7x86_64rh-sso7-libunix-dbus-java0:0.8.0-2.el7ssorh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64.rpm
Red Hat Enterprise Linux7x86_64rh-sso7-libunix-dbus-java-debuginfo0:0.8.0-2.el7ssorh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64.rpm
Red Hat Enterprise Linux7x86_64rh-sso7-libunix-dbus-java-devel0:0.8.0-2.el7ssorh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64.rpm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

28 Jun 2026 12:32Current
5.8Medium risk
Vulners AI Score5.8
CVSS 25
CVSS 3.17.5
CVSS 35.3
EPSS0.03478
5