Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 2.3.14.Final, 2.2.33.Final
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/undertow-io/undertow/pull/1585, https://github.com/undertow-io/undertow/pull/1607

is caused by

UNDERTOW-2264 CVE-2023-1973 SessionImpl objects + location strings are created and not cleaned up on authentication failures

Reopened

is cloned by

UNDERTOW-2409 Adjust properly session timeout also in case when GET requests with custom auth mechanisms are used

Resolved

JBEAP-26991 [GSS](8.0.z) UNDERTOW-2378 - Adjust properly session timeout also in case when custom auth mechanisms are used

Closed

is incorporated by

JBEAP-26990 [GSS](7.4.z) UNDERTOW-2409 / UNDERTOW-2378 - Adjust properly session timeout also in case when custom auth mechanisms are used

Closed

WFCORE-6862 CVE-2024-6162 CVE-2024-27316 Upgrade Undertow to 2.3.14.Final

Resolved

Assignee:: Richard Opalka

Reporter:: Richard Opalka

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/04/23 8:25 AM

Updated:: 2024/07/16 3:21 PM

Resolved:: 2024/06/13 10:10 PM