Lucene search
PRIOn knowledge basePRION:CVE-2017-2670HistoryJul 27, 2018 - 3:29 p.m.
Code injection
2018-07-2715:29:00
PRIOn knowledge base
www.prio-n.com
15
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
References
rhn.redhat.com/errata/RHSA-2017-1409.html
www.securityfocus.com/bid/98965
access.redhat.com/errata/RHSA-2017:1410
access.redhat.com/errata/RHSA-2017:1411
access.redhat.com/errata/RHSA-2017:1412
access.redhat.com/errata/RHSA-2017:3454
access.redhat.com/errata/RHSA-2017:3455
access.redhat.com/errata/RHSA-2017:3456
access.redhat.com/errata/RHSA-2017:3458
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
www.debian.org/security/2017/dsa-3906
Related
redhatcve
redhatcve
CVE-2017-2670
2019-10-15 06:37:24
github
github
Moderate severity vulnerability that affects io.undertow:undertow-core
2018-10-19 16:54:56
osv
osv
CVE-2017-2670
2018-07-27 15:29:00
Moderate severity vulnerability that affects io.undertow:undertow-core
2018-10-19 16:54:56
undertow - security update
2017-07-11 00:00:00
nvd
nvd
CVE-2017-2670
2018-07-27 15:29:00
debiancve
debiancve
CVE-2017-2670
2018-07-27 15:29:00
cvelist
cvelist
CVE-2017-2670
2018-07-27 15:00:00
veracode
veracode
Denial Of Service (DoS)
2017-06-29 06:57:55
ubuntucve
ubuntucve
CVE-2017-2670
2018-07-27 00:00:00
cve
cve
CVE-2017-2670
2018-07-27 15:29:00
openvas
openvas
Debian Security Advisory DSA 3906-1 (undertow - security update)
2017-07-11 00:00:00
Debian: Security Advisory (DSA-3906-1)
2017-07-10 00:00:00
nessus
nessus
Debian DSA-3906-1 : undertow - security update
2017-07-12 00:00:00
RHEL 6 : JBoss EAP (RHSA-2017:1410)
2018-09-04 00:00:00
RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:1412)
2018-08-29 00:00:00
debian
debian
[SECURITY] [DSA 3906-1] undertow security update
2017-07-11 21:23:40
redhat
redhat