CVE-2016-4993

Debian Bug report logs - #900323 undertow: CVE-2018-1067: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993) Package: src:undertow; Maintainer for src:undertow is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg& ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform 710 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 71 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform 710 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 71 for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a ...

Synopsis Important: eap7-jboss-ec2-eap security update Type/Severity Security Advisory: Important Topic An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 71 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 71 for Red Hat Ent ...

Synopsis Important: JBoss Enterprise Application Platform 712 for RHEL 7 Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Enterprise Application Platform 712 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7Re ...

Synopsis Important: jboss-ec2-eap package for EAP 712 Type/Severity Security Advisory: Important Topic An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 712 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 712 for Red Ha ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform 712 security update Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Enterprise Application Platform 712, fixes several bugs, and adds various enhancements are now available for Red Hat Enterpri ...

Synopsis Important: Red Hat OpenShift Application Runtimes Thorntail 240 security & bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Application RuntimesRed Hat Product Security has rated this update as having a security impact of Import ...

Synopsis Important: rhvm-appliance security update Type/Severity Security Advisory: Important Topic An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vuln ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform 710 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application PlatformRed Hat Product Security has rated this update as having a security impact of Important A Com ...

Synopsis Important: JBoss Enterprise Application Platform 712 on RHEL 6 Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Enterprise Application Platform 712 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6Red ...

Synopsis Important: EAP Continuous Delivery Technical Preview Release 13 security update Type/Severity Security Advisory: Important Topic This is a security update for JBoss EAP Continuous Delivery 130Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...

It was reported that EAP 7 Application Server/Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value ...