Vulnerabilities > Redhat > Undertow > 2.0.36

DATE CVE VULNERABILITY TITLE RISK
2020-06-10 CVE-2020-10705 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error.
network
low complexity
redhat netapp CWE-770
5.0
5.0
2020-05-26 CVE-2020-10719 HTTP Request Smuggling vulnerability in multiple products
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes.
network
low complexity
redhat netapp CWE-444
6.5
6.5