Undertow's FormAuthenticationMechanism can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutOfMemory errors and exhaust the server's memory.
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 Via RHSA-2024:1676 https://access.redhat.com/errata/RHSA-2024:1676
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 Via RHSA-2024:1675 https://access.redhat.com/errata/RHSA-2024:1675
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 Via RHSA-2024:1674 https://access.redhat.com/errata/RHSA-2024:1674
This issue has been addressed in the following products: EAP 7.4.16 Via RHSA-2024:1677 https://access.redhat.com/errata/RHSA-2024:1677
Yet another old CVE that has been "addressed" and made public with no Open Source fix released. https://github.com/undertow-io/undertow Red Hat, you are really working hard to make all Undertow users vulnerable.