Security Advisory

CVE-2026-3260

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-24 04:11:16

Last updated 2026-04-08 19:34:26

Assigner redhat

State PUBLISHED

Description

A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentially resulting in a Denial of Service (DoS).

← Browse all CVEs View on cve.org ↗