Описание
An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a long message in a TCP request that leads to std::length_error.
Ссылки
- PatchThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.20 (исключая)
cpe:2.3:a:drachtio:drachtio-server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00667
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-170
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a long message in a TCP request that leads to std::length_error.
EPSS
Процентиль: 71%
0.00667
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-170