漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Reactor Netty HTTP Server Metrics DoS Vulnerability
Vulnerability Description
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in integration with Micrometer is enabled.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
N/A
Vulnerability Title
Reactor Netty 安全漏洞
Vulnerability Description
Reactor Netty是基于 Netty 框架的非阻塞和背压就绪的 TCP/HTTP/UDP/QUIC 客户端和服务器。 Reactor Netty存在安全漏洞,该漏洞源于HTTP Server允许攻击者通过特制的HTTP请求导致拒绝服务(DOS)。受影响的产品和版本:Reactor Netty HTTP Server 1.1.13之前的1.1.x版本和1.0.39之前的1.0.x版本。
CVSS Information
N/A
Vulnerability Type
N/A