Lucene search
GoogleOSV:CVE-2024-6162HistoryJun 20, 2024 - 3:15 p.m.
CVE-2024-6162
2024-06-2015:15:00
Google
osv.dev
3
undertow
vulnerability
url-encoded
request path
denial of service
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
10.9%
A vulnerability was found in Undertow. URL-encoded request path information can be broken for concurrent requests on ajp-listener, causing the wrong path to be processed and resulting in a possible denial of service.
Related
osv
osv
github
github
nvd
nvd
CVE-2024-6162
2024-06-20 15:15:50
ibm
ibm
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2024-6162
2024-06-20 00:00:00
veracode
veracode
Denial Of Service (DoS)
2024-06-21 06:40:09
redhatcve
redhatcve
CVE-2024-6162
2024-06-20 14:27:57
debiancve
debiancve
CVE-2024-6162
2024-06-20 15:15:50
cve
cve
CVE-2024-6162
2024-06-20 15:15:50
vulnrichment
vulnrichment
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
10.9%
Related for OSV:CVE-2024-6162