Moderate severity vulnerability that affects io.undertow:undertow-core

GHSA-3x7h-5hfr-hvjm · CVE-2017-2670

Published Oct 19, 2018 · Modified Nov 8, 2023

Description

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-2670
ADVISORY https://github.com/advisories/GHSA-3x7h-5hfr-hvjm

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes