CVE-2026-3260 in Undertowinformação

Sumário (Inglês)

A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentially resulting in a Denial of Service (DoS).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsável

redhat

Reservar

26/02/2026

Divulgação

24/03/2026

Estado

Confirmado

Inscrições

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadeCWEExpConCVE
352668Undertow getParameterMap Negação de Serviço770Não definidoNão definidoCVE-2026-3260

Descrição

CPE

CWE

CVSS

Explorações

História

Diferença

Relacionar

Inteligência de ameaças

API JSON

API XML

API CSV

Fontes

VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!