CNNVD-202512-329 Information

CNNVD ID

CNNVD-202512-329

CVE-2024-3884

  • CNNVD Published: 2025-12-03

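Description (translated from Chinese)

Red Hat Undertow is a Java-based embedded web server from the US company Red Hat and is the default web server of Wildfly (a Java application server). Red Hat Undertow has an input validation error vulnerability. It stems from an out-of-memory condition that occurs when parsing large form data encodings, and it may lead to a remote denial-of-service attack.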

Description (English)

Red Hat Undertow is a Java-based embedded web server and the default web server for Wildfly (a Java application server). Red Hat Undertow has an input validation error vulnerability: parsing large form data encodings can cause an out-of-memory condition, which may lead to a remote denial-of-service attack.

Hazard Level

Medium

Vulnerability Type

Input validation error

Affected Vendor

Red Hat

Published

2025-12-03

Last Modified

2026-02-24

References

  • https://bugzilla.redhat.com/show_bug.cgi?id=2275287
  • https://access.redhat.com/security/cve/CVE-2024-3884
  • https://vigilance.fr/vulnerability/Undertow-overload-via-FormEncodedDataDefinition-doParse-48991
  • https://access.redhat.com/security/cve/cve-2024-3884
