GHSA-3x7h-5hfr-hvjm

Опубликовано: 19 окт. 2018

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Moderate severity vulnerability that affects io.undertow:undertow-core

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

Ссылки

Пакеты

Наименование

io.undertow:undertow-core

maven

Затронутые версииВерсия исправления

< 1.3.28

1.3.28

EPSS

Процентиль: 90%

0.05972

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-2670

Дефекты

CWE-835

Связанные уязвимости

CVE-2017-2670

CVSS3: 7.5

ubuntu

больше 7 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

CVE-2017-2670

CVSS3: 7.5

redhat

больше 8 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

CVE-2017-2670

CVSS3: 7.5

nvd

больше 7 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

CVE-2017-2670

CVSS3: 7.5

debian

больше 7 лет назад

It was found in Undertow before 1.3.28 that with non-clean TCP close, ...

EPSS

Процентиль: 90%

0.05972

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-2670

Дефекты

CWE-835