Undertow@2.2.19 Security Vulnerabilities and Issues — Undertow@2.2.19 CVE List

Lucene search

RedhatUndertow2.2.19

3 matches found

CVE•added 2022/09/01 9:15 p.m.•240 views

CVE-2022-2764

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

4.9CVSS5.1AI score0.00105EPSS

CVE•added 2022/08/31 4:15 p.m.•188 views

CVE-2022-1319

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADE...

7.5CVSS7.3AI score0.00242EPSS

CVE•added 2022/08/31 4:15 p.m.•157 views

CVE-2022-1259

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

7.5CVSS6.3AI score0.00184EPSS