Publish GHSA-j382-5jj3-vw4j

advisory-database[bot] · advisory-database[bot] · commit 9eab44c47751 · 2026-01-21T15:01:50.000Z
diff --git a/advisories/github-reviewed/2026/01/GHSA-j382-5jj3-vw4j/GHSA-j382-5jj3-vw4j.json b/advisories/github-reviewed/2026/01/GHSA-j382-5jj3-vw4j/GHSA-j382-5jj3-vw4j.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j382-5jj3-vw4j",
-  "modified": "2026-01-09T00:30:28Z",
+  "modified": "2026-01-21T15:00:11Z",
   "published": "2026-01-07T18:30:25Z",
   "aliases": [
     "CVE-2025-12543"
@@ -15,6 +15,15 @@
     }
   ],
   "affected": [
+    {
+      "package": {
+        "ecosystem": "Maven",
+        "name": "io.undertow:undertow-core"
+      },
+      "versions": [
+        "2.4.0.Alpha1"
+      ]
+    },
     {
       "package": {
         "ecosystem": "Maven",
@@ -28,7 +37,7 @@
               "introduced": "0"
             },
             {
-              "last_affected": "2.4.0.Alpha1"
+              "fixed": "2.3.21.Final"
             }
           ]
         }
@@ -40,6 +49,14 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12543"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/undertow-io/undertow/pull/1857"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/undertow-io/undertow/pull/1860"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:0383"
@@ -63,6 +80,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/undertow-io/undertow"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/undertow-io/undertow/releases/tag/2.3.21.Final"
     }
   ],
   "database_specific": {
