CVE-2019-10184: Information Exposure

July 25, 2019 (updated March 31, 2023)

undertow is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.

References

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184
nvd.nist.gov/vuln/detail/CVE-2019-10184

Detect and mitigate CVE-2019-10184 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →