Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-2764

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

Published

2022-09-01T21:15:09.807

Last Modified

2024-11-21T07:01:39.693

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.9 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-400
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application redhat integration_camel_k - Yes
Application redhat jboss_enterprise_application_platform 7.0.0 Yes
Application redhat jboss_fuse 7.0.0 Yes
Application redhat single_sign-on 7.0 Yes
Application redhat undertow ≤ 2.2.19 Yes
Application redhat undertow 2.3.0 Yes
Application redhat undertow 2.3.0 Yes
Application netapp active_iq_unified_manager - Yes
Application netapp active_iq_unified_manager - Yes
Application netapp active_iq_unified_manager - Yes
Application netapp cloud_secure_agent - Yes
Application netapp oncommand_insight - Yes
Application netapp oncommand_workflow_automation - Yes
References