A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.
{ "binaries": [ { "binary_version": "1.3.16-1", "binary_name": "libundertow-java" } ] }
{ "binaries": [ { "binary_version": "1.4.23-3", "binary_name": "libundertow-java" } ] }
{ "binaries": [ { "binary_version": "2.0.29-1", "binary_name": "libundertow-java" } ] }
{ "binaries": [ { "binary_version": "2.2.16-1", "binary_name": "libundertow-java" } ] }
{ "binaries": [ { "binary_version": "2.3.8-2", "binary_name": "libundertow-java" } ] }
{ "binaries": [ { "binary_version": "2.3.18-1", "binary_name": "libundertow-java" } ] }