Описание
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Fuse 7 | karaf | Affected | ||
| Red Hat JBoss Data Grid 7 | undertow | Affected | ||
| Red Hat JBoss Fuse 6 | karaf | Will not fix | ||
| Red Hat JBoss Fuse Integration Service 2 | undertow | Affected | ||
| Red Hat Single Sign-On 7 | wildfly | Affected | ||
| Red Hat JBoss Data Grid 7.1 | Fixed | RHSA-2017:3244 | 16.11.2017 | |
| Red Hat JBoss EAP 7 | Fixed | RHSA-2017:1409 | 07.06.2017 | |
| Red Hat JBoss EAP 7 | Fixed | RHSA-2017:3456 | 13.12.2017 | |
| Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 | eap7-activemq-artemis | Fixed | RHSA-2017:1410 | 07.06.2017 |
| Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 | eap7-apache-cxf | Fixed | RHSA-2017:1410 | 07.06.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
It was found in Undertow before 1.3.28 that with non-clean TCP close, ...
Moderate severity vulnerability that affects io.undertow:undertow-core
EPSS
7.5 High
CVSS3