[UNDERTOW-2334] CVE-2024-6162 AJP Parser: Do not share the decodeBuff… #1609

fl4via · 2024-06-20T03:04:02Z

…er StringBuilder instance between requests

Jira: https://issues.redhat.com/browse/UNDERTOW-2334

…er StringBuilder instance between requests Signed-off-by: Flavia Rainone <frainone@redhat.com>

[UNDERTOW-2334] CVE-2024-6162 AJP Parser: Do not share the decodeBuff…

90f202a

…er StringBuilder instance between requests Signed-off-by: Flavia Rainone <frainone@redhat.com>

fl4via merged commit ef052c3 into undertow-io:master Jun 20, 2024
34 checks passed

fl4via removed the next release This PR will be merged before next release or has already been merged (for payload double check) label Jun 20, 2024

fl4via deleted the UNDERTOW-2334 branch June 21, 2024 21:42

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[UNDERTOW-2334] CVE-2024-6162 AJP Parser: Do not share the decodeBuff… #1609

[UNDERTOW-2334] CVE-2024-6162 AJP Parser: Do not share the decodeBuff… #1609

fl4via commented Jun 20, 2024

[UNDERTOW-2334] CVE-2024-6162 AJP Parser: Do not share the decodeBuff… #1609

[UNDERTOW-2334] CVE-2024-6162 AJP Parser: Do not share the decodeBuff… #1609

Conversation

fl4via commented Jun 20, 2024