CVE-2022-2764

Опубликовано: 01 сент. 2022

Источник: debian

Описание

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

Пакет	Статус	Версия исправления	Релиз	Тип
undertow	fixed	2.2.21-1		package

https://issues.redhat.com/browse/UNDERTOW-2048
https://github.com/undertow-io/undertow/pull/1382
https://github.com/undertow-io/undertow/pull/1386
https://github.com/undertow-io/undertow/commit/09d4dc44da0eb7a0cfa5d943de32e06c7cb2f7d2 (2.2.21.Final)
https://github.com/undertow-io/undertow/commit/05ab8777ed7cc3510acf4550102e5e38fc706fd1 (2.2.21.Final)
https://github.com/undertow-io/undertow/commit/f60972d29949c6c7c557d591171e89c74013edd0 (2.2.21.Final)
https://bugzilla.redhat.com/show_bug.cgi?id=2117506

CVE-2022-2764

CVSS3: 4.9

ubuntu

больше 3 лет назад

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

CVE-2022-2764

CVSS3: 4.2

redhat

больше 3 лет назад

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

CVE-2022-2764

CVSS3: 4.9

nvd

больше 3 лет назад

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

GHSA-xpxq-cp94-87j2

CVSS3: 4.9

github

больше 3 лет назад

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.