Description

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.

Remediation

References

CVE-2023-1108

Related Vulnerabilities

WordPress Plugin WordPress Meta Robots SQL Injection (2.1)

Apache 2.x version older than 2.0.43

WordPress Plugin Gravity Forms Arbitrary File Upload (1.8.19)

WordPress Plugin SoundCloud Is Gold Cross-Site Scripting (2.3.1)

CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)

Severity

High

Classification

CVE-2023-1108 CWE-835 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities