Source: undertow Severity: grave Tags: security There's no other reference that what Red Hat published here: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
Upstream needs to be contacted or the patch pulled from their
update.
Cheers,
Moritz
