CVE-2025-12543 | Undertow Header Host server-side request forgery

Inserito da Angelo Barbosa | Gen 7, 2026 | CVE

A vulnerability identified as critical has been detected in Undertow. Affected by this issue is some unknown functionality of the component Header Handler. This manipulation of the argument Host causes server-side request forgery.

This vulnerability is handled as CVE-2025-12543. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-12543 | Undertow Header Host server-side request forgery

Post correlati

CVE-2024-27416 | Linux Kernel up to 6.7.8 Bluetooth information disclosure

CVE-2024-53125 | Linux Kernel up to 6.11.5 sync_linked_regs random values (e2ef0f317a52/e9bd9c498cb0)

CVE-2025-10998 | Open Babel up to 3.1.1 chemkinformat.cpp ReadReactionQualifierLines null pointer dereference (Issue 2829)

CVE-2024-5896 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php save_users id sql injection