Description
Undertow in Red Hat WildFly before version 11.0.0.Beta1 is vulnerable to resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily be exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
Remediation
References