undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
| Version | Base score | Base severity | Vector |
|---|
| Hyperlink | Resource Type |
|---|
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
| Version | Base score | Base severity | Vector |
|---|---|---|---|
| 3.0 | 5.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Secondary | 3.0 | 5.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| Primary | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |