You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Undertow Dev
Hey,
I believe CVE-2022-1319 was resolved in 2.2.18 based on the release notes (and UNDERTOW-2060) but this NIST entry says that 2.2.19 is also vulnerable. Is the NIST entry correct?
Many Thanks
Flavia Rainone
unread,
Oct 17, 2022, 4:05:21 PM10/17/22
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Undertow Dev
Hi! The NIST is incorrect. The fix was not reverted since it was merged. So, it is included on 2.2.18.Final onwards, whatever the version number might be.