Lucene search
Veracode Vulnerability DatabaseVERACODE:32787HistoryNov 02, 2021 - 3:09 a.m.
Denial Of Service (DoS)
2021-11-0203:09:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
org.apache.mina
mina-http
denial of service
http request
crafted
vulnerability
EPSS
0.004
Percentile
74.9%
org.apache.mina:mina-http is vulnerable to denial of service(DoS) attack. An attacker is able to trigger DoS when a specifically crafted malformed HTTP request is sent to the HTTP Header decoder to loop indefinitely.
References
www.openwall.com/lists/oss-security/2021/11/01/2
www.openwall.com/lists/oss-security/2021/11/01/8
github.com/apache/mina/commit/7dc266ac9a74f50669039c10be3d2defa2ac8b58
lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E
www.openwall.com/lists/oss-security/2021/11/01/2
www.openwall.com/lists/oss-security/2021/11/01/8
www.oracle.com/security-alerts/cpuapr2022.html
Related
redhatcve
redhatcve
CVE-2021-41973
2021-11-29 05:23:03
prion
prion
Design/Logic Flaw
2021-11-01 09:15:00
osv
osv
Infinite loop in Apache MINA
2021-11-03 17:30:35
CVE-2021-41973
2021-11-01 09:15:09
nvd
nvd
CVE-2021-41973
2021-11-01 09:15:09
cve
cve
CVE-2021-41973
2021-11-01 09:15:09
github
github
Infinite loop in Apache MINA
2021-11-03 17:30:35
cnvd
cnvd
Apache MINA Denial of Service Vulnerability
2021-11-04 00:00:00
cvelist
cvelist
CVE-2021-41973 Apache MINA HTTP listener DOS
2021-11-01 08:35:09
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00