satyamchaurasiapersistent / JavaVulnerableLab


CX: CVE-2019-10212 in Maven-io.undertow:undertow-core and 2.0.9.Final @ JavaVulnerableLab.master #177

Open satyamchaurasiapersistent opened 1 year ago

satyamchaurasiapersistent commented 1 year ago

Description

A flaw was found in versions before 2.0.27.Final, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.

HIGH Vulnerable Package issue exists @ io.undertow:undertow-core in branch master

Vulnerability ID: CVE-2019-10212

Package Name: io.undertow:undertow-core

Severity: HIGH

CVSS Score: 9.8

Publish Date: 2019-10-02T19:15:00

Current Package Version: 2.0.9.Final

Remediation Upgrade Recommendation: 2.2.26.Final

Link To SCA

Reference – NVD link