Lucene search
K

72 matches found

Veracode
Veracode
added 2023/11/29 9:58 a.m.35 views

Denial Of Service

Reactor Netty HTTP Server is vulnerable to Denial Of Service DOS. The vulnerability is due to the improper validation of HTTP requests while if the micrometer integration is enabled, which can result in Denial Of Service...

7.5CVSS6.9AI score0.00906EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2023/11/28 1:28 p.m.70 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS7.3AI score0.0115EPSS
Exploits0References3
OSV
OSV
added 2023/11/28 9:30 a.m.1 views

GHSA-Q24V-HPG3-V3JP Reactor Netty HTTP Server denial of service vulnerability

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

7.5CVSS7.1AI score0.00906EPSS
Exploits0References8
OSV
OSV
added 2023/11/28 9:30 a.m.3 views

GHSA-V94H-HVHG-MF9H Spring Framework vulnerable to denial of service

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.4AI score0.0115EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/11/28 9:30 a.m.59 views

Spring Framework vulnerable to denial of service

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS7AI score0.0115EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2023/11/28 9:30 a.m.49 views

Reactor Netty HTTP Server denial of service vulnerability

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

7.5CVSS6.9AI score0.00906EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2023/11/28 9:15 a.m.16 views

CVE-2023-34054

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

7.5CVSS0.00906EPSS
Exploits0References1
NVD
NVD
added 2023/11/28 9:15 a.m.32 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS0.0115EPSS
Exploits0References2
OSV
OSV
added 2023/11/28 9:15 a.m.13 views

UBUNTU-CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.8AI score0.0115EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/11/28 9:15 a.m.53 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.8AI score0.0115EPSS
Exploits0References2
Prion
Prion
added 2023/11/28 9:15 a.m.18 views

Design/Logic Flaw

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

5CVSS6.9AI score0.00906EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/28 9:15 a.m.26 views

Design/Logic Flaw

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

5CVSS6.8AI score0.0115EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/11/28 8:16 a.m.982 views

CVE-2023-34054

CVE-2023-34054 affects the Reactor Netty HTTP Server. In versions 1.1.x prior to 1.1.13 and 1.0.x prior to 1.0.39, a user can send specially crafted HTTP requests that may cause a denial-of-service (DoS) if the Reactor Netty HTTP Server is used with Micrometer integration enabled. The available c...

7.5CVSS6AI score0.00906EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/28 8:16 a.m.26 views

CVE-2023-34054 Reactor Netty HTTP Server Metrics DoS Vulnerability

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

5.3CVSS7.6AI score0.00906EPSS
Exploits0References1
OSV
OSV
added 2023/11/28 8:16 a.m.6 views

CVE-2023-34054 Reactor Netty HTTP Server Metrics DoS Vulnerability

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

5.3CVSS6.7AI score0.00906EPSS
Exploits0References3
OSV
OSV
added 2023/11/28 8:10 a.m.15 views

CVE-2023-34053 Spring Framework server Web Observations DoS Vulnerability

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

5.3CVSS7AI score0.0115EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/11/28 8:10 a.m.32 views

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

7.5CVSS6.8AI score0.0115EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.5 views

PT-2023-8189

Name of the Vulnerable Software and Affected Versions Reactor Netty HTTP Server versions 1.0.x prior to 1.0.39 Reactor Netty HTTP Server versions 1.1.x prior to 1.1.13 Description The issue is related to an uncontrolled resource consumption in the Reactor Netty HTTP Server, which can be exploited...

7.5CVSS6.7AI score0.00906EPSS
Exploits0References14
Spring Security Advisories
Spring Security Advisories
added 2023/11/27 12:0 a.m.6 views

Reactor Netty HTTP Server Metrics DoS Vulnerability

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

5.3CVSS6.6AI score0.00906EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2023/11/21 12:0 a.m.8 views

This Week in Spring - Spring Boot 3.2 edition - November 21st, 2023

Hi, Spring fans! Welcome to another epic installment of This Week in Spring! As amazing as the week's already been, it's all leading up to this Thursday - Thanksgiving day! - when we release Spring Boot 3.2! and yes, I am very grateful. This release is stuffed to the gills with a ton of new...

7.2AI score
Exploits0
Rows per page
Query Builder