CVE-2017-2670

Опубликовано: 27 июл. 2018

Источник: debian

EPSS Низкий

Описание

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
undertow	fixed	1.4.18-1		package

Примечания

Fixed by https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
https://issues.jboss.org/browse/UNDERTOW-1035

EPSS

Процентиль: 90%

0.05972

Низкий

Связанные уязвимости

CVE-2017-2670

CVSS3: 7.5

ubuntu

больше 7 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

CVE-2017-2670

CVSS3: 7.5

redhat

больше 8 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

CVE-2017-2670

CVSS3: 7.5

nvd

больше 7 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

GHSA-3x7h-5hfr-hvjm

CVSS3: 7.5

github

больше 7 лет назад

Moderate severity vulnerability that affects io.undertow:undertow-core

EPSS

Процентиль: 90%

0.05972

Низкий