Description

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.

Remediation

References

CVE-2023-1108

Related Vulnerabilities

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.4)

IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-29701)

MySQL Other Vulnerability (CVE-2009-0819)

Apache 2.x version older than 2.0.51

WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Request Forgery (1.3.3)

Severity

High

Classification

CVE-2023-1108 CWE-835 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities