Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-10184

CVSSv4: NA | CVSSv3: 7.5 | CVSSv2: 5 | VMScore: 850 | EPSS: 0.00895 | KEV: Not Included
Published: 25/07/2019 Updated: 21/11/2024

Vulnerability Summary

undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat undertow

redhat jboss data grid -

redhat jboss enterprise application platform -

redhat jboss enterprise application platform 7.0.0

redhat openshift application runtimes -

redhat openshift application runtimes 1.0

redhat single sign-on -

redhat single sign-on 7.0

redhat jboss enterprise application platform 7.2

redhat jboss enterprise application platform 7.3

redhat jboss enterprise application platform 7.4

redhat single sign-on 7.3

netapp active iq unified manager -

Vendor Advisories

Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 security update
Synopsis Important: Red Hat JBoss Enterprise Application Platform 724 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise LinuxRed Hat Product Security has rated this update as having a se ...
Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 7 security update
Synopsis Important: Red Hat JBoss Enterprise Application Platform 724 on RHEL 7 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 8 security update
Synopsis Important: Red Hat JBoss Enterprise Application Platform 724 on RHEL 8 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ...
Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 6 Security update
Synopsis Important: Red Hat JBoss Enterprise Application Platform 724 on RHEL 6 Security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 72 for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as ...
Red Hat: Important: Red Hat OpenShift Application Runtimes Thorntail 2.5.0 security & bug fix update
Synopsis Important: Red Hat OpenShift Application Runtimes Thorntail 250 security & bug fix update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Application RuntimesRed Hat Product Security has rated this update as having a security impact of Import ...
Red Hat: Important: Red Hat Single Sign-On 7.3.4 security update
Synopsis Important: Red Hat Single Sign-On 734 security update Type/Severity Security Advisory: Important Topic A security update is now available for Red Hat Single Sign-On 73 from the Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...
Red Hat: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 8
Synopsis Important: Red Hat Single Sign-On 734 security update on RHEL 8 Type/Severity Security Advisory: Important Topic New Red Hat Single Sign-On 734 packages are now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Co ...
Red Hat: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 6
Synopsis Important: Red Hat Single Sign-On 734 security update on RHEL 6 Type/Severity Security Advisory: Important Topic New Red Hat Single Sign-On 734 packages are now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Co ...
Red Hat: Important: Red Hat Fuse 7.6.0 security update
Synopsis Important: Red Hat Fuse 760 security update Type/Severity Security Advisory: Important Topic A minor version update (from 75 to 76) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security h ...
Red Hat: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 7
Synopsis Important: Red Hat Single Sign-On 734 security update on RHEL 7 Type/Severity Security Advisory: Important Topic New Red Hat Single Sign-On 734 packages are now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Co ...
Red Hat: Important: Red Hat Data Grid 7.3.3 security update
Synopsis Important: Red Hat Data Grid 733 security update Type/Severity Security Advisory: Important Topic An update for Red Hat Data Grid is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, whic ...
Red Hat: CVE-2019-10184
Impact: Low Public Date: 2019-07-24 CWE: CWE-200 Bugzilla: 1713068: CVE-2019-10184 undertow: Informatio ...

Github Repositories

https://github.com/WHATSUPTOYOU/FIND-VUL

FIND-VUL Report Template Title Bugs Could Occur When Importing Jar undertow-servlet-2015Finaljar in This Project Content Hi Developer, I found that your project uses a vulnerable jar which is undertow-servlet-2015Finaljar and calls the vulnerable function handleRequest in file ServletInitialHandlerjava (See details in Repository undertow-io/undertow, commitid: d

References

CWE-862CWE-862https://nvd.nist.govhttps://github.com/WHATSUPTOYOU/FIND-VULhttps://access.redhat.com/errata/RHSA-2019:2938https://www.first.org/epsshttps://access.redhat.com/security/cve/cve-2019-10184https://access.redhat.com/errata/RHSA-2019:2935https://access.redhat.com/errata/RHSA-2019:2936https://access.redhat.com/errata/RHSA-2019:2937https://access.redhat.com/errata/RHSA-2019:2938https://access.redhat.com/errata/RHSA-2019:2998https://access.redhat.com/errata/RHSA-2019:3044https://access.redhat.com/errata/RHSA-2019:3045https://access.redhat.com/errata/RHSA-2019:3046https://access.redhat.com/errata/RHSA-2019:3050https://access.redhat.com/errata/RHSA-2020:0727https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184https://github.com/undertow-io/undertow/pull/794https://security.netapp.com/advisory/ntap-20220210-0016/https://access.redhat.com/errata/RHSA-2019:2935https://access.redhat.com/errata/RHSA-2019:2936https://access.redhat.com/errata/RHSA-2019:2937https://access.redhat.com/errata/RHSA-2019:2938https://access.redhat.com/errata/RHSA-2019:2998https://access.redhat.com/errata/RHSA-2019:3044https://access.redhat.com/errata/RHSA-2019:3045https://access.redhat.com/errata/RHSA-2019:3046https://access.redhat.com/errata/RHSA-2019:3050https://access.redhat.com/errata/RHSA-2020:0727https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184https://github.com/undertow-io/undertow/pull/794https://security.netapp.com/advisory/ntap-20220210-0016/
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
command injectionCVE-2025-1653remote code executionCVE-2023-52927qiskit sdkcivi - job board & freelance marketplace wordpress themeCVE-2025-29029tianocoreCVE-2025-24201CVE-2025-27363CVE-2024-13497analyticswpunspecified
Home
/
Search Results
/
CVE-2019-10184
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook