Описание
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.28 (исключая)
cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
Одно из
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05972
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-835
CWE-835
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 7 лет назад
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
CVSS3: 7.5
redhat
больше 8 лет назад
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
CVSS3: 7.5
debian
больше 7 лет назад
It was found in Undertow before 1.3.28 that with non-clean TCP close, ...
CVSS3: 7.5
github
больше 7 лет назад
Moderate severity vulnerability that affects io.undertow:undertow-core
EPSS
Процентиль: 90%
0.05972
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-835
CWE-835