CVE-2020-27782
N/A
N/A
Summary
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This affects Undertow 2.1.5.SP1, 2.0.33.SP2, and 2.2.3.SP1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Undertow | 2.1.5.SP1 | affected |
| n/a | Undertow | 2.0.33.SP2 | affected |
| n/a | Undertow | 2.2.3.SP1 | affected |
Weaknesses
- CWE-400: CWE-400
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.