CVE-2024-1635 | Undertow prior 2.2.30.SP1/2.3.10.SP3 HTTP Upgrade WriteTimeoutStreamSinkConduit resource consumption

Inserito da Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability has been found in Undertow and classified as problematic. Affected by this vulnerability is the function WriteTimeoutStreamSinkConduit of the component HTTP Upgrade Handler. The manipulation leads to resource consumption.

This vulnerability is known as CVE-2024-1635. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-1635 | Undertow prior 2.2.30.SP1/2.3.10.SP3 HTTP Upgrade WriteTimeoutStreamSinkConduit resource consumption

Post correlati

CVE-2024-28661 | FFmpeg Remote Code Execution

CVE-2024-33789 | Linksys E5600 1.1.0.26 /API/info ipurl command injection

CVE-2023-7179 | Campcodes Online College Library System 1.0 HTTP POST Request /admin/category_row.php id sql injection

CVE-2023-39329 | OpenJPEG tcd.c opj_t1_decode_cblks resource consumption