CVE-2019-10184

Summary

undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.

Affected Software

VendorProductVersion RangeStatus
undertow-ioundertowfixed in 2.0.23.Finalaffected

Weaknesses

  • CWE-862: CWE-862

ADP Enrichment

CVE Program Container

Additional References

References