VDB

DEBIAN-CVE-2019-10184

DEBIAN-CVE-2019-10184 PUBLISHED CVSS 7.5 HIGH

undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:14undertow0, 1.3.11-1, 1.3.16-1

Timeline

  • Jul 25, 2019 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›