40 Total advisories
40 Vulnerabilities
0 Malware
Vulnerabilities
MEDIUM 5.9
CVE-2026-3260
Undertow: Denial of Service via Multipart/Form-Data Parsing on HTTP GET Requests
HIGH 7.5
CVE-2024-3884
Undertow OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded
CRITICAL 9.6
CVE-2025-12543
Undertow HTTP server core doesn't properly validate the Host header in incoming HTTP requests
HIGH 7.5
CVE-2025-9784
Undertow MadeYouReset HTTP/2 DDoS Vulnerability
HIGH 7.5
CVE-2024-6162
Undertow's url-encoded request path information can be broken on ajp-listener
HIGH 7.5
CVE-2024-4027
Undertow Servlets Vulnerable to Remote DoS via OutOfMemoryError when Passed Large Parameter Names
HIGH 7.5
CVE-2023-1108
Undertow denial of service vulnerability
HIGH 7.5
CVE-2024-7885
Undertow vulnerable to Race Condition
HIGH 7.5
CVE-2021-3629
Undertow Uncontrolled Resource Consumption
HIGH 7.5
CVE-2024-1635
Undertow Uncontrolled Resource Consumption Vulnerability
CRITICAL 9.8
CVE-2022-4492
Undertow client not checking server identity presented by server certificate in https connections
HIGH 7.4
CVE-2023-4639
Undertow incorrectly parses cookies
HIGH 7.5
GHSA-22c5-cpvr-cfvq
Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse
UNKNOWN
CVE-2014-7816
Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow
MEDIUM 5.3
CVE-2024-1459
Undertow Path Traversal vulnerability
HIGH 7.5
CVE-2023-1973
Undertow Denial of Service vulnerability
MEDIUM 5.3
CVE-2024-3653
Undertow Missing Release of Memory after Effective Lifetime vulnerability
HIGH 7.5
CVE-2024-5971
Undertow Denial of Service vulnerability
HIGH 7.5
CVE-2017-12165
Undertow Request Smuggling vulnerability
HIGH 7.5
CVE-2019-14888
Undertow vulnerable to Uncontrolled Resource Consumption
HIGH 7.5
CVE-2021-3859
Undertow vulnerable to Denial of Service (DoS) attacks
HIGH 8.6
CVE-2020-1745
Improper Authorization in Undertoe
HIGH 7.5
CVE-2020-10705
Allocation of Resources Without Limits or Throttling in Undertow
MEDIUM 6.5
CVE-2020-10719
HTTP Request Smuggling in Undertow
MEDIUM 4.8
CVE-2020-10687
HTTP Request Smuggling in Undertow
MEDIUM 4.8
CVE-2021-20220
HTTP request smuggling in Undertow
MEDIUM 5.9
CVE-2021-3597
undertow Race Condition vulnerability
HIGH 7.5
CVE-2021-3690
Undertow vulnerable to memory exhaustion due to buffer leak
CRITICAL 9.8
CVE-2019-3888
Credential exposure through log files in Undertow
CRITICAL 9.8
CVE-2019-10212
Potential to access user credentials from the log files when debug logging enabled
HIGH 7.5
CVE-2022-2053
Undertow vulnerable to Dos via Large AJP request
HIGH 7.5
CVE-2020-27782
Denial of service in Undertow
HIGH 8.1
CVE-2020-1757
Improper Input Validation in Undertow
MEDIUM 5.3
CVE-2018-14642
Exposure of Sensitive Information to an Unauthorized Actor in Undertow
MEDIUM 6.5
CVE-2018-1114
Uncontrolled Resource Consumption in Undertow
MEDIUM 6.1
CVE-2017-7559
Undertow vulnerable to Request Smuggling
HIGH 7.5
CVE-2017-2670
Moderate severity vulnerability that affects io.undertow:undertow-core
MEDIUM 6.5
CVE-2017-2666
Undertow-core vulnerable to HTTP Request Smuggling
MEDIUM 5.9
CVE-2017-12196
Incorrect Authorization in Undertow
MEDIUM 5.9
CVE-2016-7046
Undertow Uncaught Exception vulnerability
Ready to move
Start Securing
Free, no credit card | First findings in minutes