CVE-2023-3223 — Memory Allocation with Excessive Size Value in Redhat Undertow

CWE-789 — Memory Allocation with Excessive Size Value CWE-400 — Uncontrolled Resource Consumption CWE-125 — Out-of-bounds Read8 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.9%

top 24.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Undertow Redhat Jboss Enterprise Application Platform Redhat Openshift Container Platform +3 more

Timeline

PublishedSep 27

Latest updateOct 7

Description

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶NVDredhat/undertow< 2.2.24

▶Debianredhat/undertow< 2.3.18-1

▶NVDredhat/single_sign-on7.6

▶NVDredhat/jboss_enterprise_application_platform7.4

Also affects: Openshift Container Platform 4.11, 4.12, 4.10, 4.9

🔴Vulnerability Details

OSV

CVE-2023-3223: A flaw was found in undertow↗2023-09-27

▶

GHSA

Undertow vulnerable to denial of service↗2023-09-27

▶

CVEList

Undertow: outofmemoryerror due to @multipartconfig handling↗2023-09-27

▶

OSV

Undertow vulnerable to denial of service↗2023-09-27

▶

📋Vendor Advisories

Red Hat

kernel: drm/i915/perf: add sentinel to xehp_oa_b_counters↗2025-10-07

▶

Red Hat

undertow: OutOfMemoryError due to @MultipartConfig handling↗2023-08-07

▶

Debian

CVE-2023-3223: undertow - A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause...↗2023

▶