Red Hat · Undertow · CVE-2016-9589
**Name of the Vulnerable Software and Affected Versions**
Wildfly versions prior to 11.0.0.Beta1
**Description**
The issue is related to a resource exhaustion problem in Undertow, which can lead to a denial of service. Undertow maintains a cache of seen HTTP headers in persistent connections. This cache can be exploited to fill memory with unnecessary data, up to a certain limit defined by the product's configuration, specifically "max-headers" and "max-header-size" per active TCP connection.
**Recommendations**
For versions prior to 11.0.0.Beta1, update to version 11.0.0.Beta1 or later to resolve the issue.