Tag

Undertow

4 briefs RSS

Red Hat Undertow Multiple Vulnerabilities Allow Security Bypass

An anonymous remote attacker can exploit multiple vulnerabilities in Red Hat Undertow to bypass security measures, manipulate data, and disclose sensitive information.

redhat undertow security-bypass information-disclosure data-manipulation

2r 3t Mar 30, 2026

high advisory

Undertow Request Smuggling Vulnerability (CVE-2026-28368)

2 rules 1 TTP

CVE-2026-28368 is a vulnerability in Undertow that allows a remote attacker to construct specially crafted requests, leading to request smuggling attacks and potential bypass of security controls, resulting in unauthorized resource access.

undertow request-smuggling cve-2026-28368

2r 1t Mar 28, 2026

high advisory

Undertow HTTP Request Smuggling Vulnerability (CVE-2026-28367)

2 rules 1 TTP

A remote attacker can exploit CVE-2026-28367 in Undertow by sending '\r\r\r' as a header block terminator, leading to request smuggling on vulnerable proxy servers.

cve request-smuggling undertow webserver

2r 1t Mar 27, 2026

high advisory

Red Hat JBoss Enterprise Application Platform Multiple Vulnerabilities

2 rules 3 TTPs

An anonymous remote attacker can exploit multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform to cause a denial-of-service condition, manipulate data, and conduct further attacks such as cache poisoning and session hijacking.

jboss undertow denial-of-service cache-poisoning session-hijacking webserver

2r 3t Mar 25, 2026