Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-1259

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

Published

2022-08-31T16:15:09.230

Last Modified

2024-11-21T06:40:21.637

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-400
  • Type: Secondary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application redhat build_of_quarkus - Yes
Application redhat integration_camel_k - Yes
Application redhat jboss_enterprise_application_platform 7.0.0 Yes
Application redhat openshift_application_runtimes - Yes
Application redhat single_sign-on 7.0 Yes
Application redhat undertow ≤ 2.2.17 Yes
Application redhat undertow 2.2.18 Yes
Application redhat undertow 2.2.19 Yes
Application netapp active_iq_unified_manager - Yes
Application netapp active_iq_unified_manager - Yes
Application netapp active_iq_unified_manager - Yes
Application netapp cloud_secure_agent - Yes
Application netapp oncommand_insight - Yes
Application netapp oncommand_workflow_automation - Yes
References