Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 2.2.39.Final, 2.3.21.Final, 2.3.22.Final, 2.2.40.Final, 2.4.0.Alpha2, 2.3.20.SP2, 2.2.38.SP2
Affects Version/s: None
Component/s: None
Labels:
- needs-backport

Git Pull Request:
https://gitlab.cee.redhat.com/undertow-io/undertow/-/merge_requests/173, https://github.com/undertow-io/undertow/pull/1857, https://github.com/undertow-io/undertow/pull/1860, https://github.com/undertow-io/undertow/pull/1882

is duplicated by

UNDERTOW-2657 Improve NetworkUtils regex to vet bad address, ie 355.0.0.0.

Resolved

is incorporated by

WFCORE-7462 CVE-2024-3884 CVE-2025-12543 Upgrade Undertow to 2.3.21.Final

Resolved

is triggering

RESTEASY-3686 Delete HeaderEmptyHostTest to unit test due to Undertow security hardening (UNDERTOW-2656) and lack of core framework relevance

Resolved

split to

UNDERTOW-2657 Improve NetworkUtils regex to vet bad address, ie 355.0.0.0.

Resolved

Assignee:: Bartosz Baranowski

Reporter:: Bartosz Baranowski

Involved:: Alessio Soldano, Bartosz Baranowski, Brad Maxwell, Brian Stansberry, Bruno Oliveira da Silva, Darran Lofthouse, Flavia Rainone, Ilia Vassilev, Ingo Weiss, Ivo Studensky, Martin Svehla, Michaela Osmerova, Neil Wallace, Paramvir Jindal, Pedro Silva, Peter Mackay, Radovan Stancel, Richard Opalka, Roman Stepaniuk, Stefano Maestri, Tom Jenkinson, Vladimir Dosoudil

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/11/04 8:10 AM

Updated:: 2026/01/29 8:11 AM

Resolved:: 2025/11/27 9:59 AM