search

SamHeadrickCx / JavaVulnerableLab-1

lab
GNU General Public License v2.0
0 stars 0 forks source link

CX: CVE-2020-10705 in Maven-io.undertow:undertow-core and 2.0.9.Final @ JavaVulnerableLab-1.refs/heads/master #25

Open github-actions[bot] opened 2 years ago

github-actions[bot] commented 2 years ago

Description

A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service.

HIGH Vulnerable Package issue exists @ io.undertow:undertow-core in branch refs/heads/master

Vulnerability ID: CVE-2020-10705

Package Name: io.undertow:undertow-core

Severity: HIGH

CVSS Score: 7.5

Publish Date: 2020-06-10T20:15:00

Current Package Version: 2.0.9.Final

Remediation Upgrade Recommendation: 2.2.36.Final

Link To SCA

Reference – NVD link

github-actions[bot] commented 2 years ago

Issue still exists.

github-actions[bot] commented 1 month ago

Issue still exists.

github-actions[bot] commented 4 days ago

Issue still exists.

github-actions[bot] commented 4 days ago

Issue still exists.