Description

Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to cause a denial of service (infinite loop) via unknown vectors related to "crafted input."

Remediation

References

http://getahead.ltd.uk/dwr/changelog

Related Vulnerabilities

CVE-2021-20289 Vulnerability in maven package org.jboss.resteasy:resteasy-core

CVE-2019-10383 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2020-7754 Vulnerability in npm package npm-user-validate

CVE-2017-20165 Vulnerability in maven package org.webjars.npm:debug

CVE-2023-35160 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates

Severity

Critical

Tags

Patch NVD-CWE-Other