Описание
The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.
Ссылки
- PatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.6.8 (исключая)
cpe:2.3:a:eclipse:milo:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00331
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-770
Связанные уязвимости
CVSS3: 7.5
redhat
больше 3 лет назад
The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.
CVSS3: 7.5
github
больше 3 лет назад
Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service)
EPSS
Процентиль: 55%
0.00331
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-770