CVE-2019-10184

Published: 25/07/2019 Updated: 20/02/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Undertow before version 2.0.23.Final is vulnerable to an information leak. The directory structure of a web application may be predicted through requests without trailing slashes via the API.

Vulnerable Product

redhat undertow

redhat jboss data grid -

redhat jboss enterprise application platform -

redhat jboss enterprise application platform 7.0.0

redhat openshift application runtimes -

redhat openshift application runtimes 1.0

redhat single sign-on -

redhat single sign-on 7.0

redhat jboss_enterprise_application_platform 7.2

redhat jboss_enterprise_application_platform 7.3

redhat jboss_enterprise_application_platform 7.4

redhat single_sign-on 7.3

netapp active iq unified manager -

Vendor Advisories

Synopsis: Important: Red Hat Data Grid 7.3.3 security update. Type/Severity: Security Advisory: Important. Topic: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, whic ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 6 Security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as ...
Synopsis: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 7. Type/Severity: Security Advisory: Important. Topic: New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Co ...
Synopsis: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 6. Type/Severity: Security Advisory: Important. Topic: New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Co ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 8 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as ...
Synopsis: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 8. Type/Severity: Security Advisory: Important. Topic: New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Co ...
Synopsis: Important: Red Hat Single Sign-On 7.3.4 security update. Type/Severity: Security Advisory: Important. Topic: A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulne ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a se ...
Synopsis: Important: Red Hat Fuse 7.6.0 security update. Type/Severity: Security Advisory: Important. Topic: A minor version update (from 7.5 to 7.6) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security h ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 7 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as ...
Synopsis: Important: Red Hat OpenShift Application Runtimes Thorntail 2.5.0 security & bug fix update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Import ...
Impact: Low | Public Date: 2019-07-24 | CWE: CWE-200 | Bugzilla: 1713068: CVE-2019-10184 undertow: Informatio ...

Github Repositories

FIND-VUL Report Template. Title: Bugs Could Occur When Importing Jar undertow-servlet-2.0.15.Final.jar in This Project. Content: Hi Developer, I found that your project uses a vulnerable jar which is undertow-servlet-2.0.15.Final.jar and calls the vulnerable function handleRequest in file ServletInitialHandler.java (See details in Repository undertow-io/undertow, commitid: d