A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows unauthorized users to cause a remote denial of service (DoS) attack.
CVE-2024-3884: A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataD…
A flaw in Undertow (CVE-2024-3884) allows remote denial of service attacks via large form data parsing, causing OutOfMemory issues.