Description

A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service.

Remediation

References

CVE-2020-10705

Related Vulnerabilities

WordPress Plugin GD Star Rating 'de' Parameter SQL Injection (1.9.10)

WordPress Plugin Product Catalog Privilege Escalation (3.8.1)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816)

WordPress Plugin WP SlackSync Information Disclosure (1.8.5)

WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.5)

Severity

High

Classification

CVE-2020-10705 CWE-770 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities