2018-07-27 17:29:00 2019-10-10 01:27:03

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Redhat Undertow 1.3.0 (not an official CPE) Redhat Undertow 1.2.12 (not an official CPE) Redhat Undertow 1.2.11 (not an official CPE) Redhat Undertow 1.2.10 (not an official CPE) Redhat Undertow 1.2.8 (not an official CPE) Redhat Undertow 1.2.9 (not an official CPE) Redhat Undertow 1.2.7 (not an official CPE) Redhat Undertow 1.2.6 (not an official CPE) Redhat Undertow 1.2.5 (not an official CPE) Redhat Undertow 1.2.4 (not an official CPE) Redhat Undertow 1.2.3 (not an official CPE) Redhat Undertow 1.2.2 (not an official CPE) Redhat Undertow 1.2.1 (not an official CPE) Redhat Undertow 1.2.0 Beta9 (not an official CPE) Redhat Undertow 1.2.0 Beta8 (not an official CPE) Redhat Undertow 1.2.0 Beta7 (not an official CPE) Redhat Undertow 1.2.0 Beta6 (not an official CPE) Redhat Undertow 1.2.0 Beta5 (not an official CPE) Redhat Undertow 1.2.0 Beta4 (not an official CPE) Redhat Undertow 1.2.0 Beta3 (not an official CPE) RedHat Undertow 1.2.0 beta2 Redhat Undertow 1.2.0 Beta10 (not an official CPE) Redhat Undertow 1.2.0 Beta1 (not an official CPE) Redhat Undertow 1.2.0 - (not an official CPE) Redhat Undertow 1.2.0 (not an official CPE) Redhat Undertow 1.1.9 (not an official CPE) Redhat Undertow 1.1.8 (not an official CPE) Redhat Undertow 1.1.7 (not an official CPE) Redhat Undertow 1.1.6 (not an official CPE) Redhat Undertow 1.1.5 (not an official CPE) Redhat Undertow 1.1.4 (not an official CPE) Redhat Undertow 1.1.3 (not an official CPE) Redhat Undertow 1.1.2 (not an official CPE) Redhat Undertow 1.1.1 (not an official CPE) RedHat Undertow 1.1.0 CR4 Redhat Undertow 1.1.0 Beta8 (not an official CPE) Redhat Undertow 1.1.0 Beta7 (not an official CPE) Redhat Undertow 1.1.0 Beta6 (not an official CPE) Redhat Undertow 1.1.0 Beta5 (not an official CPE) Redhat Undertow 1.1.0 Beta4 (not an official CPE) Redhat Undertow 1.1.0 Beta3 (not an official CPE) Redhat Undertow 1.1.0 Beta2 (not an official CPE) Redhat Undertow 1.1.0 Beta1 (not an official CPE) Redhat Undertow 1.1.0 - (not an official CPE) Redhat Undertow 1.1.0 (not an official CPE) Redhat Undertow 1.0.19 (not an official CPE) Redhat Undertow 1.0.18 (not an official CPE) Redhat Undertow 1.0.17 (not an official CPE) RedHat Undertow 1.0.16 Redhat Undertow 1.0.15 (not an official CPE) Redhat Undertow 1.0.14 (not an official CPE) Redhat Undertow 1.0.13 (not an official CPE) Redhat Undertow 1.0.12 (not an official CPE) Redhat Undertow 1.0.11 (not an official CPE) Redhat Undertow 1.0.10 (not an official CPE) Redhat Undertow 1.0.9 (not an official CPE) Redhat Undertow 1.0.8 (not an official CPE) Redhat Undertow 1.0.7 (not an official CPE) Redhat Undertow 1.0.6 (not an official CPE) Redhat Undertow 1.0.5 (not an official CPE) Redhat Undertow 1.0.4 (not an official CPE) Redhat Undertow 1.0.3 (not an official CPE) Redhat Undertow 1.0.2 (not an official CPE) Redhat Undertow 1.0.1 (not an official CPE) Redhat Undertow 1.0.0 Beta9 (not an official CPE) Redhat Undertow 1.0.0 Beta8 (not an official CPE) Redhat Undertow 1.0.0 Beta7 (not an official CPE) Redhat Undertow 1.0.0 Beta6 (not an official CPE) Redhat Undertow 1.0.0 Beta5 (not an official CPE) Redhat Undertow 1.0.0 Beta4 (not an official CPE) Redhat Undertow 1.0.0 Beta33 (not an official CPE) Redhat Undertow 1.0.0 Beta32 (not an official CPE) Redhat Undertow 1.0.0 Beta31 (not an official CPE) Redhat Undertow 1.0.0 Beta30 (not an official CPE) Redhat Undertow 1.0.0 Beta3 (not an official CPE) Redhat Undertow 1.0.0 Beta29 (not an official CPE) Redhat Undertow 1.0.0 Beta28 (not an official CPE) Redhat Undertow 1.0.0 Beta27 (not an official CPE) Redhat Undertow 1.0.0 Beta26 (not an official CPE) Redhat Undertow 1.0.0 Beta25 (not an official CPE) Redhat Undertow 1.0.0 Beta24 (not an official CPE) Redhat Undertow 1.0.0 Beta23 (not an official CPE) Redhat Undertow 1.0.0 Beta22 (not an official CPE) Redhat Undertow 1.0.0 Beta21 (not an official CPE) Redhat Undertow 1.0.0 Beta20 (not an official CPE) Redhat Undertow 1.0.0 Beta2 (not an official CPE) Redhat Undertow 1.0.0 Beta19 (not an official CPE) Redhat Undertow 1.0.0 Beta18 (not an official CPE) Redhat Undertow 1.0.0 Beta17 (not an official CPE) Redhat Undertow 1.0.0 Beta16 (not an official CPE) Redhat Undertow 1.0.0 Beta15 (not an official CPE) Redhat Undertow 1.0.0 Beta14 (not an official CPE) Redhat Undertow 1.0.0 Beta13 (not an official CPE) Redhat Undertow 1.0.0 Beta12 (not an official CPE) Redhat Undertow 1.0.0 Beta11 (not an official CPE) Redhat Undertow 1.0.0 Beta10 (not an official CPE) Redhat Undertow 1.0.0 Beta1 (not an official CPE) Redhat Undertow 1.0.0 Alpha9 (not an official CPE) Redhat Undertow 1.0.0 Alpha8 (not an official CPE) Redhat Undertow 1.0.0 Alpha7 (not an official CPE) Redhat Undertow 1.0.0 Alpha6 (not an official CPE) Redhat Undertow 1.0.0 Alpha5 (not an official CPE) Redhat Undertow 1.0.0 Alpha4 (not an official CPE) Redhat Undertow 1.0.0 Alpha3 (not an official CPE) Redhat Undertow 1.0.0 Alpha22 (not an official CPE) Redhat Undertow 1.0.0 Alpha21 (not an official CPE) Redhat Undertow 1.0.0 Alpha20 (not an official CPE) Redhat Undertow 1.0.0 Alpha2 (not an official CPE) Redhat Undertow 1.0.0 Alpha19 (not an official CPE) Redhat Undertow 1.0.0 Alpha18 (not an official CPE) Redhat Undertow 1.0.0 Alpha17 (not an official CPE) Redhat Undertow 1.0.0 Alpha16 (not an official CPE) Redhat Undertow 1.0.0 Alpha15 (not an official CPE) Redhat Undertow 1.0.0 Alpha14 (not an official CPE) Redhat Undertow 1.0.0 Alpha13 (not an official CPE) Redhat Undertow 1.0.0 Alpha12 (not an official CPE) Redhat Undertow 1.0.0 Alpha11 (not an official CPE) Redhat Undertow 1.0.0 Alpha10 (not an official CPE) Redhat Undertow 1.0.0 Alpha1 (not an official CPE) Redhat Undertow 1.0.0 - (not an official CPE) Redhat Undertow 1.0.0 (not an official CPE) Redhat Undertow - (not an official CPE) Redhat Jboss enterprise application platform 7.1.0 (not an official CPE) Redhat Jboss enterprise application platform 7.0.0 (not an official CPE) Red Hat JBOSS Enterprise Application Platform 6.0.0 Redhat Undertow 1.3.0 - (not an official CPE) Redhat Undertow 1.3.0 Beta1 (not an official CPE) Redhat Undertow 1.3.0 Beta10 (not an official CPE) Redhat Undertow 1.3.0 Beta11 (not an official CPE) Redhat Undertow 1.3.0 Beta12 (not an official CPE) Redhat Undertow 1.3.0 Beta13 (not an official CPE) Redhat Undertow 1.3.0 Beta2 (not an official CPE) Redhat Undertow 1.3.0 Beta3 (not an official CPE) Redhat Undertow 1.3.0 Beta4 (not an official CPE) Redhat Undertow 1.3.0 Beta5 (not an official CPE) Redhat Undertow 1.3.0 Beta6 (not an official CPE) Redhat Undertow 1.3.0 Beta7 (not an official CPE) Redhat Undertow 1.3.0 Beta8 (not an official CPE) Redhat Undertow 1.3.0 Beta9 (not an official CPE) Redhat Undertow 1.3.1 (not an official CPE) Redhat Undertow 1.3.2 (not an official CPE) Redhat Undertow 1.3.3 (not an official CPE) Redhat Undertow 1.3.4 (not an official CPE) Redhat Undertow 1.3.5 (not an official CPE) Redhat Undertow 1.3.6 (not an official CPE) Redhat Undertow 1.3.7 (not an official CPE) Redhat Undertow 1.3.8 (not an official CPE) Redhat Undertow 1.3.9 (not an official CPE) Redhat Undertow 1.3.10 (not an official CPE) Redhat Undertow 1.3.11 (not an official CPE) Redhat Undertow 1.3.12 (not an official CPE) Redhat Undertow 1.3.13 (not an official CPE) Redhat Undertow 1.3.14 (not an official CPE) Redhat Undertow 1.3.15 (not an official CPE) Redhat Undertow 1.3.16 (not an official CPE) Redhat Undertow 1.3.17 (not an official CPE) Redhat Undertow 1.3.18 (not an official CPE) Redhat Undertow 1.3.19 (not an official CPE) Redhat Undertow 1.3.20 (not an official CPE) Redhat Undertow 1.3.21 (not an official CPE) Redhat Undertow 1.3.22 (not an official CPE) Redhat Undertow 1.3.23 (not an official CPE) Redhat Undertow 1.3.24 (not an official CPE) Redhat Undertow 1.3.25 (not an official CPE) Redhat Undertow 1.3.26 (not an official CPE) Redhat Undertow 1.3.27 (not an official CPE)