0.001 Low
EPSS
Percentile
51.0%
blaze-server is vulnerable to denial of service (DoS). The vulnerability exists through the unbounded connection acceptance in the NIO1SocketServerGroup that leads to the exhaustion of file handles.
NIO1SocketServerGroup
github.com/http4s/blaze/security/advisories/GHSA-xmw9-q7x9-j5qc
github.com/http4s/http4s/commit/987d6589ef79545b9bb2324ac4bdebf82d9a0171
github.com/http4s/http4s/security/advisories/GHSA-xhv5-w9c5-2r2w