漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Red Hat Undertow 输入验证错误漏洞
Vulnerability Description
Red Hat Undertow是美国红帽(Red Hat)公司的一款基于Java的嵌入式Web服务器,是Wildfly(Java应用服务器)默认的Web服务器。 Red Hat undertow-2.0.30.SP1之前的undertow-2.x.x SP1版本、undertow-2.1.0.Final之前的和undertow-2.xx版本和undertow-1.xx版本中存在安全漏洞。攻击者可利用该漏洞绕过安全保护。
CVSS Information
N/A
Vulnerability Type
N/A