Description

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

Remediation

References

CVE-2022-2764

Related Vulnerabilities

WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-0753)

GSAP CVE-2020-28478 Vulnerability (CVE-2020-28478)

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-17527)

WordPress Plugin Mobile Apps by Wiziapp (Native iPhone & Android mobile Apps) Multiple Unspecified Vulnerabilities (4.1.2)

Severity

Medium

Classification

CVE-2022-2764 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities