72 matches found
Denial Of Service
Reactor Netty HTTP Server is vulnerable to Denial Of Service DOS. The vulnerability is due to the improper validation of HTTP requests while if the micrometer integration is enabled, which can result in Denial Of Service...
CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
GHSA-Q24V-HPG3-V3JP Reactor Netty HTTP Server denial of service vulnerability
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
GHSA-V94H-HVHG-MF9H Spring Framework vulnerable to denial of service
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
Spring Framework vulnerable to denial of service
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
Reactor Netty HTTP Server denial of service vulnerability
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
CVE-2023-34054
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
UBUNTU-CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
Design/Logic Flaw
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
Design/Logic Flaw
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
CVE-2023-34054
CVE-2023-34054 affects the Reactor Netty HTTP Server. In versions 1.1.x prior to 1.1.13 and 1.0.x prior to 1.0.39, a user can send specially crafted HTTP requests that may cause a denial-of-service (DoS) if the Reactor Netty HTTP Server is used with Micrometer integration enabled. The available c...
CVE-2023-34054 Reactor Netty HTTP Server Metrics DoS Vulnerability
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
CVE-2023-34054 Reactor Netty HTTP Server Metrics DoS Vulnerability
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
CVE-2023-34053 Spring Framework server Web Observations DoS Vulnerability
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...
PT-2023-8189
Name of the Vulnerable Software and Affected Versions Reactor Netty HTTP Server versions 1.0.x prior to 1.0.39 Reactor Netty HTTP Server versions 1.1.x prior to 1.1.13 Description The issue is related to an uncontrolled resource consumption in the Reactor Netty HTTP Server, which can be exploited...
Reactor Netty HTTP Server Metrics DoS Vulnerability
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...
This Week in Spring - Spring Boot 3.2 edition - November 21st, 2023
Hi, Spring fans! Welcome to another epic installment of This Week in Spring! As amazing as the week's already been, it's all leading up to this Thursday - Thanksgiving day! - when we release Spring Boot 3.2! and yes, I am very grateful. This release is stuffed to the gills with a ton of new...