CVE-2019-17555
N/A
N/A
Summary
The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache | Olingo | 4.0.0 to 4.6.0 | affected |
Weaknesses
- DoS via Retry-After header vulnerability
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.