Количество 4
Количество 4
CVE-2024-4109
Rejected reason: Red Hat Product Security has determined that this CVE is not a security vulnerability.
CVE-2024-4109
[REJECTED CVE] A vulnerability has been identified in the Undertow package where the readHpackString method may incorrectly reuse an HTTP request header value from a previous stream for a new request on the same HTTP/2 connection due to improper handling of the stringBuilder field. While this typically results in an error and connection termination, an attacker could potentially exploit this flaw to leak sensitive information between requests within the same connection.
CVE-2024-4109
Rejected reason: Red Hat Product Security has determined that this CVE is not a security vulnerability.
GHSA-22c5-cpvr-cfvq
Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-4109 Rejected reason: Red Hat Product Security has determined that this CVE is not a security vulnerability. | около 1 года назад | ||
 | CVE-2024-4109 [REJECTED CVE] A vulnerability has been identified in the Undertow package where the readHpackString method may incorrectly reuse an HTTP request header value from a previous stream for a new request on the same HTTP/2 connection due to improper handling of the stringBuilder field. While this typically results in an error and connection termination, an attacker could potentially exploit this flaw to leak sensitive information between requests within the same connection. | около 1 года назад | ||
 | CVE-2024-4109 Rejected reason: Red Hat Product Security has determined that this CVE is not a security vulnerability. | около 1 года назад | ||
| GHSA-22c5-cpvr-cfvq Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse | CVSS3: 7.5 | около 1 года назад |
Уязвимостей на страницу