Описание
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.
Отчет
Red Hat rates this as a Low impact vulnerability since the attacker needs to perform HTTP requests and the server must have incomplete configuration settings.
Меры по смягчению последствий
Setting the maxAge configuration is sufficient to prevent the behavior of this vulnerability being explored.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Serverless | undertow | Fix deferred | ||
| Red Hat build of Apache Camel 4 for Quarkus 3 | undertow | Fix deferred | ||
| Red Hat build of Apache Camel for Spring Boot 4 | undertow | Affected | ||
| Red Hat build of Apache Camel - HawtIO 4 | undertow | Affected | ||
| Red Hat build of Apicurio Registry 2 | undertow | Not affected | ||
| Red Hat Build of Keycloak | undertow | Not affected | ||
| Red Hat build of OptaPlanner 8 | undertow | Fix deferred | ||
| Red Hat build of Quarkus | io.quarkus/quarkus-undertow | Affected | ||
| Red Hat Data Grid 8 | undertow | Affected | ||
| Red Hat Fuse 7 | undertow | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.
A vulnerability was found in Undertow. This issue requires enabling th ...
Undertow Missing Release of Memory after Effective Lifetime vulnerability
EPSS
5.3 Medium
CVSS3