CNNVD-202601-5070 Information

CNNVD ID

CNNVD-202601-5070

Related CVE

CVE-2024-4027

• CNNVD Published: 2026-01-30

Description (Chinese)

Undertow是美国Undertow公司的一个Web服务器。 Undertow存在输入验证错误漏洞，该漏洞源于使用调用HttpServletRequestImpl.getParameterNames方法的Servlet，可能导致远程拒绝服务攻击。

Description (English)

Undertow is a Web server for Undertow in the United States. Undertow has an input authentication error that results from the use of the HttpServletRequestImpl. GetParameterNames method, which can lead to a remote denial of service attack.

Hazard Level

Medium

Vulnerability Type

输入验证错误

Affected Vendor

Undertow

Published

2026-01-30

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2024-4027 https://bugzilla.redhat.com/show_bug.cgi?id=2276410