Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/10 2:17 p.m.5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow server core

Summary Due to use of Undertow, DevOps Test Performance and Rational Performance Tester contain a potential improper input validation vulnerability. CVE-2025-12543 Vulnerability Details CVEID:CVE-2025-12543 DESCRIPTION: A flaw was found in the Undertow HTTP server core, which is used in WildFly,...

9.6CVSS7.3AI score0.01179EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/09 4:52 p.m.10 views

Security Bulletin: Improper Host Header Validation in Undertow HTTP Server Enables Cache Poisoning and Session Hijacking affects watsonx.data

Summary A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed...

9.6CVSS7.3AI score0.01179EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:29 p.m.11 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Undertow

Summary Multiple vulnerabilities in Undertow that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-3884 DESCRIPTION: A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the...

9.6CVSS5.8AI score0.01256EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.7 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:4915)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4915 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.1AI score0.02772EPSS
Exploits4References23
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.12 (RHSA-2026:3889)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3889 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

9.6CVSS7.7AI score0.0217EPSS
Exploits1References27
Broadcom
Broadcom
added 2026/01/26 12:0 a.m.17 views

Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf (CVE-2025-12543)

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed withou...

9.6CVSS5.8AI score0.01179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 6:30 p.m.4 views

app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)

io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2025-12543 Source advisory: OSV:GHSA-J382-5JJ3-VW4J...

9.6CVSS7.4AI score0.01179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 6:30 p.m.3 views

io.github.rzo1.org.apache.cxf:apache-cxf (=4.2.0-tomee-m0-071068f), io.github.rzo1.org.apache.cxf:cxf-distribution-javadoc (=4.2.0-tomee-m0-071068f) +9 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (=2.4.0.Alpha1)

io.undertow:undertow-core MAVEN version =2.4.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - io.github.rzo1.org.apache.cxf:apache-cxf =4.2.0-tomee-m0-071068f -...

9.6CVSS7.5AI score0.01179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 6:30 p.m.6 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +2475 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (>=2.0.0.Alpha1 <=2.2.38.Final)

io.undertow:undertow-core MAVEN version =2.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =1.0.1, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-12543 Source advisory: SNYK:JAVA-IOUNDERTOW-14908846...

9.6CVSS7.4AI score0.01179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 6:30 p.m.6 views

io.github.rzo1.org.apache.cxf:apache-cxf (=4.2.0-tomee-m0-071068f), io.github.rzo1.org.apache.cxf:cxf-distribution-javadoc (=4.2.0-tomee-m0-071068f) +9 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (=2.4.0.Alpha1)

io.undertow:undertow-core MAVEN version =2.4.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - io.github.rzo1.org.apache.cxf:apache-cxf =4.2.0-tomee-m0-071068f -...

9.6CVSS7.3AI score0.01179EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/07 6:30 p.m.5 views

app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)

io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2025-12543 Source advisory: SNYK:JAVA-IOUNDERTOW-14908846...

9.6CVSS7.4AI score0.01179EPSS
Exploits0
Rows per page
Query Builder