Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-28369 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28369)
vulnerability in io.undertow:undertow-parent (CVE-2026-28369). Confidential information can be exposed externally.
|
| CVE-2026-28367 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28367)
vulnerability in io.undertow:undertow-parent (CVE-2026-28367). Confidential information can be exposed externally.
|
| CVE-2026-28368 |
|
Vulnerability in io.undertow:undertow-parent (CVE-2026-28368)
vulnerability in io.undertow:undertow-parent (CVE-2026-28368). Confidential information can be exposed externally.
|
| CVE-2025-57849 |
|
Vulnerability in privilege-escalation (CVE-2025-57849)
vulnerability in privilege-escalation (CVE-2025-57849). Successful exploitation can lead to full system takeover.
|
| CVE-2025-12543 |
|
Vulnerability in redhat (CVE-2025-12543)
vulnerability in redhat (CVE-2025-12543). Confidential information can be exposed externally. Exploitable via `Host header`.
|
| CVE-2025-9784 |
|
Vulnerability in io.undertow:undertow-core (CVE-2025-9784)
vulnerability in io.undertow:undertow-core (CVE-2025-9784). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.20.Final` or later.
|
| CVE-2017-5645 |
|
Unsafe Deserialization in apache (CVE-2017-5645)
vulnerability in apache (CVE-2017-5645). Successful exploitation can lead to full system takeover.
|