VDB
CVE-2019-10212
CVE-2019-10212
PUBLISHED
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
EPSS 0.45% · 63.9th percentile
Risk Scores
EPSS Score
0.45%
63.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:25.10 | undertow | 2.3.18-1, 2.3.18-2, 0 |
| Ubuntu:24.04:LTS | undertow | 2.3.8-2, 0 |
| Ubuntu:18.04:LTS | undertow | 1.4.23-3, 1.4.23-2build1, 0 |
| Ubuntu:16.04:LTS | undertow | 1.3.5-1, 1.3.7-1, 1.3.11-1 |
Timeline
- Oct 2, 2019 CVE Published
- Oct 9, 2019 CVE Updated
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 11, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-10212 third-party-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1731984 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-10212 third-party-advisory