What the vulnerability does

01Description

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.

Key dates

02Disclosure timeline

May 24, 2022 CVE published
August 3, 2024 Record updated