Zurück zur CVE-Übersicht
CVE-2026-3260
NONERisk Signal Score0/100 — NIEDRIG
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
Beschreibung
Rejected reason: The Undertow web server enforces a default maximum HTTP request entity size limit. Any request (including GET or HEAD) containing a body that exceeds this configurable limit is safely dropped by the server, preventing single-request Resource Exhaustion (Out of Memory) Denial of Service attacks.
GitHub Advisories
GHSA-3x3v-w654-m28mMEDIUM
Undertow: Denial of Service via Multipart/Form-Data Parsing on HTTP GET Requests
maven/io.undertow:undertow-core
GitHub Advisory