A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the «Expect: 100-continue» header may cause an out of memory error. This flaw may potentially lead to a denial of service.
