Skip to content

[GHSA-3x3v-w654-m28m] Undertow: Denial of Service via Multipart/Form-Data Parsing on HTTP GET Requests#7796

Merged
advisory-database[bot] merged 1 commit into
julianladisch/advisory-improvement-7796from
julianladisch-GHSA-3x3v-w654-m28m
Jun 30, 2026
Merged

[GHSA-3x3v-w654-m28m] Undertow: Denial of Service via Multipart/Form-Data Parsing on HTTP GET Requests#7796
advisory-database[bot] merged 1 commit into
julianladisch/advisory-improvement-7796from
julianladisch-GHSA-3x3v-w654-m28m

Conversation

@julianladisch

Copy link
Copy Markdown

Updates

  • Affected products
  • References

Comments
There isn't any indication that the issue got fixed.

Red Hat reports: "Fix deferred": https://access.redhat.com/security/cve/CVE-2026-3260

Release page doesn't mention CVE-2026-3260: https://github.com/undertow-io/undertow/releases

undertow.io doesn't mention CVE-2026-3260 at all: https://github.com/search?q=org%3Aundertow-io+CVE-2026-3260&type=code

@github-actions github-actions Bot changed the base branch from main to julianladisch/advisory-improvement-7796 May 22, 2026 10:47
@advisory-database advisory-database Bot merged commit 891b31a into julianladisch/advisory-improvement-7796 Jun 30, 2026
4 checks passed
@advisory-database

Copy link
Copy Markdown
Contributor

Hi @julianladisch! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

@advisory-database advisory-database Bot deleted the julianladisch-GHSA-3x3v-w654-m28m branch June 30, 2026 21:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant