14 matches found
africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +3482 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.38.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-12543 Source advisory: OSV:GHSA-J382-5JJ3-VW4J...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2024-3884 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2024-3884 Source advisory: OSV:GHSA-6H4F-PJ3G-Q8FQ...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:sharaf_3 (>=0.0.7 <=0.7.4) +985 more potentially affected by CVE-2024-7885 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.16.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.31 and more Source cves: CVE-2024-7885 Source advisory: OSV:GHSA-9623-MQMM-5RCF...
africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +3378 more potentially affected by CVE-2024-1459 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.30.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2024-1459 Source advisory: OSV:GHSA-V76W-3PH8-VM66...
be.yildiz-games:module-webserver-undertow (>=1.0.0 <=1.1.1), br.eti.clairton:ds-test (>=0.4.0 <=1.2.1) +2233 more potentially affected by CVE-2021-3629 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.0.3.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.0, =1.0, =0.1.0, =3.0.0.RELEASE, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.1.4-jdk1.8-RELEASES, =0.1.5-jdk1.8-RELEASES and more Source cves: CVE-2021-3629 Source advisory:...
br.eti.clairton:ds-test (>=0.4.0 <=1.2.1), br.jus.stf.digital:core (>=2.0.0 <=2.3.1) +2012 more potentially affected by CVE-2019-14888 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.0.28.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =0.4.0, =2.0.0, =1.0, =1.0, =3.0.0.RELEASE, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.1.4-jdk1.8-RELEASES, =0.0.4, =1.0.2-RELEASE, =0.1.0, =0.1.8 and more Source cves: CVE-2019-14888 Source advisory: OSV:GHSA-VJXC-FRW4-JMH5...
com.sksamuel.scruffy:scruffy-integrationtest_2.11 (=1.12.0), com.sksamuel.scruffy:scruffy-undertow_2.11 (>=1.9.0 <=1.12.0) +39 more potentially affected by CVE-2014-7816 via io.undertow:undertow-core (>=1.2.0.Beta1 <=1.2.0.Beta2)
io.undertow:undertow-core MAVEN version =1.2.0.Beta1, =1.9.0, =1.0.0.Alpha1, =1.2.0.Beta1, =1.2.0.Beta1, =1.2.0.Beta1, =0.5.1, =0.5.1, =1.0.0.Beta1, =1.0.0.Alpha9, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta4 and more Source cves: CVE-2014-7816 Source advisor...
ch.digitalfondue.stampo:ch.digitalfondue.stampo.gradle.plugin (=0.0.3), ch.digitalfondue.stampo:stampo (>=1.0 <=1.2.1) +837 more potentially affected by CVE-2017-12165 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=1.3.30.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0, =1.0, =0.1.0, =0.2.0, =1.1.11, =1.1.11, =1.1.16, =1.1.0, =0.0.8, =0.0.8, =0.1.0, =0.0.6, =0.1.3 and more Source cves: CVE-2017-12165 Source advisory: OSV:GHSA-5GG7-5WV8-4GCJ...
br.eti.clairton:ds-test (=0.4.0), br.jus.stf.digital:core (>=2.0.0 <=2.3.1) +1327 more potentially affected by CVE-2017-12196 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=1.4.23.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =2.0.0, =1.0, =1.0, =0.2.7, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.2.0, =1.1.11, =1.3.7 and more Source cves: CVE-2017-12196 Source advisory: OSV:GHSA-CP7V-VMV7-6X2Q...
cn.dreampie:resty-server (=1.3.0.RELEASE), com.github.chrisdchristo:pipe (=1.0.0) +31 more potentially affected by CVE-2017-7559 via io.undertow:undertow-core (=2.0.0.Alpha1)
io.undertow:undertow-core MAVEN version =2.0.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - cn.dreampie:resty-server =1.3.0.RELEASE - com.github.chrisdchristo:pipe =1.0.0 -...
br.eti.clairton:ds-test (=0.4.0), br.jus.stf.digital:core (>=2.0.0 <=2.3.1) +1329 more potentially affected by CVE-2018-1114 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=1.4.24.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =2.0.0, =1.0, =1.0, =0.2.7, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.2.0, =1.1.11, =1.3.7 and more Source cves: CVE-2018-1114 Source advisory: OSV:GHSA-GJJX-GQM4-WCGM...
be.yildiz-games:module-webserver-undertow (>=1.0.0 <=1.1.1), br.eti.clairton:ds-test (>=1.0.1 <=1.2.1) +1139 more potentially affected by CVE-2018-1114 via io.undertow:undertow-core (>=2.0.0.Alpha1 <=2.0.4.Final)
io.undertow:undertow-core MAVEN version =2.0.0.Alpha1, =1.0.0, =1.0.1, =1.0.2, =1.0.0, =0.1.0, =1.2.0-RELEASE, =3.30.7-RELEASE, =1.0.2-RELEASE, =0.1.0, =0.1.8 and more Source cves: CVE-2018-1114 Source advisory: OSV:GHSA-GJJX-GQM4-WCGM...
Denial Of Service (DoS)
undertow-core is vulnerable to denial of service. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service...
Denial Of Service (DoS)
undertow-core is vulnerable to denial of service DoS attacks. The application does not check if the HTTP header values it receives are null, allowing a malicious user to pass null header values to fill the heap and cause resource exhaustion...