CVE-2019-10212 Vulnerability in maven package io.undertow:undertow-core

Description

A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.

Remediation

References

https://access.redhat.com/errata/RHSA-2019:2998

https://access.redhat.com/errata/RHSA-2020:0727

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10212

https://security.netapp.com/advisory/ntap-20220210-0017/

Related Vulnerabilities

CVE-2019-13173 Vulnerability in maven package org.webjars:fstream

CVE-2012-5883 Vulnerability in npm package yui

CVE-2023-48711 Vulnerability in npm package google-translate-api-browser

CVE-2021-32860 Vulnerability in npm package izimodal

CVE-2022-31108 Vulnerability in npm package mermaid

Severity

Critical

Classification

CWE-532 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H