CVE-2024-4027
Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks
A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service (DoS) attack.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Red Hat · OpenShift ServerlessRed Hat · Red Hat build of Apache Camel 4 for Quarkus 3Red Hat · Red Hat build of Apache Camel for Spring Boot 3Red Hat · Red Hat build of Apache Camel for Spring Boot 4Red Hat · Red Hat build of Apache Camel - HawtIO 4Red Hat · Red Hat build of Apicurio Registry 2Red Hat · Red Hat Build of KeycloakRed Hat · Red Hat build of OptaPlanner 8Red Hat · Red Hat build of QuarkusRed Hat · Red Hat Data Grid 8Red Hat · Red Hat Fuse 7Red Hat · Red Hat Integration Camel K 1Red Hat · Red Hat JBoss Data Grid 7Red Hat · Red Hat JBoss Enterprise Application Platform 7Red Hat · Red Hat JBoss Enterprise Application Platform 8Red Hat · Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat · Red Hat JBoss Fuse Service Works 6Red Hat · Red Hat Process Automation 7Red Hat · Red Hat Single Sign-On 7Red Hat · streams for Apache Kafka¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →