Описание
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of Quarkus | undertow | Not affected | ||
| Red Hat build of Quarkus | quarkus-http | Not affected | ||
| Red Hat Data Grid 8 | undertow | Fix deferred | ||
| Red Hat Decision Manager 7 | undertow | Not affected | ||
| Red Hat Fuse 7 | undertow | Fix deferred | ||
| Red Hat Integration Camel K 1 | undertow | Fix deferred | ||
| Red Hat Integration Camel Quarkus 1 | undertow | Fix deferred | ||
| Red Hat Integration Service Registry | undertow | Not affected | ||
| Red Hat JBoss Data Grid 7 | undertow | Out of support scope | ||
| Red Hat JBoss Fuse 6 | undertow | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
4.2 Medium
CVSS3
Связанные уязвимости
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
A flaw was found in Undertow. Denial of service can be achieved as Und ...
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
EPSS
4.2 Medium
CVSS3