Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2023-4639

This vulnerability is marked as RESERVED by NVD. This means that the CVE-ID is reserved for future use by the CVE Numbering Authority (CNA) or a security researcher, but the details of it are not yet publicly available yet.

This page will reflect the classification results once they are available through NVD.

Any vendor information available is shown as below.

Redhat

undertow: Cookie Smuggling/Spoofing

Affected Software List

Name Vendor Version
Migration Toolkit for Runtimes 1 on RHEL 8 RedHat mtr/mtr-operator-bundle:1.2-23
Migration Toolkit for Runtimes 1 on RHEL 8 RedHat mtr/mtr-rhel8-operator:1.2-15
Migration Toolkit for Runtimes 1 on RHEL 8 RedHat mtr/mtr-web-container-rhel8:1.2-16
Migration Toolkit for Runtimes 1 on RHEL 8 RedHat mtr/mtr-web-executor-container-rhel8:1.2-14
Red Hat JBoss Enterprise Application Platform 7 RedHat undertow
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 RedHat eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 RedHat eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 RedHat eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap
Red Hat JBoss Enterprise Application Platform 8 RedHat undertow
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-undertow-0:2.3.11-1.SP1_redhat_00001.1.el8eap
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-undertow-0:2.3.11-1.SP1_redhat_00001.1.el9eap

Ubuntu

[Cookie Smuggling/Spoofing]

Affected Software List

Name Vendor Version
Undertow Ubuntu/esm-apps/noble TBD
Undertow Ubuntu/jammy TBD
Undertow Ubuntu/focal TBD
Undertow Ubuntu/noble TBD
Undertow Ubuntu/upstream TBD
Undertow Ubuntu/esm-apps/focal TBD
Undertow Ubuntu/devel TBD
Undertow Ubuntu/esm-apps/bionic TBD
Undertow Ubuntu/esm-apps/jammy TBD
Undertow Ubuntu/esm-apps/xenial TBD
Undertow Ubuntu/xenial end of standard support
Undertow Ubuntu/bionic end of standard support
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use