Undertow-io Undertow
2 CVEs affecting Undertow-io Undertow. Latest disclosed: 2020-04-28. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-1745 | High | 8.6 | 2020-04-28 | A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before… |
CVE-2019-10184 | High | 7.5 | 2019-07-25 | undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests withou… |