Medium severity5.9NVD Advisory· Published Oct 3, 2016· Updated Jun 17, 2026
CVE-2016-7046
CVE-2016-7046
Description
Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service (CPU and disk consumption) via a long URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.undertow:undertow-coreMaven | >= 1.4.0, < 1.4.3.Final | 1.4.3.Final |
io.undertow:undertow-coreMaven | < 1.3.25.Final | 1.3.25.Final |
Affected products
1Patches
Vulnerability mechanics
References
15- www.securityfocus.com/bid/93173nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-3f57-w2rp-72fcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-7046ghsaADVISORY
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingWEB
- github.com/undertow-io/undertow/commit/c518b5a1784061d807efedcef0a03fcd35a53de2ghsaWEB
- issues.redhat.com/browse/UNDERTOW-835ghsaWEB
- security-tracker.debian.org/tracker/CVE-2016-7046ghsaWEB
- rhn.redhat.com/errata/RHSA-2016-2640.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-2641.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-2642.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-2657.htmlnvd
- access.redhat.com/errata/RHSA-2017:3454nvd
- access.redhat.com/errata/RHSA-2017:3455nvd
- access.redhat.com/errata/RHSA-2017:3456nvd
- access.redhat.com/errata/RHSA-2017:3458nvd
News mentions
0No linked articles in our index yet.