github-actions[bot]
commented
4 days ago Issue still exists.
Open github-actions[bot] opened 1 month ago
github-actions[bot]
commented
4 days ago Issue still exists.
Description
A vulnerability was found in Undertow versions through 2.2.32.Final, and 2.3.0.Alpha1 through 2.3.13.Final are vulnerable to Denial-of-Service (DoS) vulnerability. URL-encoded request path information can be broken for concurrent requests on ajp-listener, causing the wrong path to be processed and resulting in a possible Denial-of-Service (DoS) attack.
HIGH Vulnerable Package issue exists @ io.undertow:undertow-core in branch refs/heads/master
Vulnerability ID: CVE-2024-6162
Package Name: io.undertow:undertow-core
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2024-06-20T15:15:00
Current Package Version: 2.0.9.Final
Remediation Upgrade Recommendation: 2.2.36.Final
Link To SCA
Reference – NVD link