Security Advisory

CVE-2024-4027

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-30 14:25:54

Last updated 2026-03-26 23:30:30

Assigner redhat

State PUBLISHED

Description

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service (DoS) attack.

← Browse all CVEs View on cve.org ↗