1.4.20

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-27	CVE-2023-3223	Unspecified vulnerability in Redhat products A flaw was found in undertow. network low complexity redhat	7.5
2023-09-14	CVE-2023-1108	Infinite Loop vulnerability in multiple products A flaw was found in undertow. network low complexity redhat netapp CWE-835	7.5
2022-08-31	CVE-2022-1259	A flaw was found in Undertow. network low complexity redhat netapp	7.5
2022-08-31	CVE-2022-1319	A flaw was found in Undertow. network low complexity redhat netapp	7.5
2022-08-26	CVE-2021-3859	A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. network low complexity redhat netapp	7.5
2022-08-23	CVE-2021-3690	Memory Leak vulnerability in Redhat products A flaw was found in Undertow. network low complexity redhat CWE-401	7.5
2022-08-05	CVE-2022-2053	Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. network low complexity redhat CWE-400	7.5
2022-05-24	CVE-2021-3597	Race Condition vulnerability in multiple products A flaw was found in undertow. network high complexity redhat netapp CWE-362	5.9
2022-05-24	CVE-2021-3629	Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. network high complexity redhat netapp CWE-400	5.9
2021-03-23	CVE-2019-19343	Improper Resource Shutdown or Release vulnerability in multiple products A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. network low complexity redhat netapp CWE-404	7.5