Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-2146

Опубликовано: 15 апр. 2016
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
Версия до 0.11.0 (включая)

EPSS

Процентиль: 70%
0.00649
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2016-2146

CVSS3: 7.5
ubuntu
почти 10 лет назад

The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data.

redhat логотип

CVE-2016-2146

redhat
почти 10 лет назад

The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data.

debian логотип

CVE-2016-2146

CVSS3: 7.5
debian
почти 10 лет назад

The am_read_post_data function in mod_auth_mellon before 0.11.1 does n ...

github логотип

GHSA-cm8g-34xp-fvpw

CVSS3: 7.5
github
больше 3 лет назад

The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data.

EPSS

Процентиль: 70%
0.00649
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-119