CVE-2017-2670
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-2670
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-2670.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-2670
- Aliases
- Downstream
- Published
- 2018-07-27T15:29:00.487Z
- Modified
- 2025-11-14T05:10:41.178569Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
- References
-
- http://rhn.redhat.com/errata/RHSA-2017-1409.html
- http://www.securityfocus.com/bid/98965
- https://access.redhat.com/errata/RHSA-2017:1410
- https://access.redhat.com/errata/RHSA-2017:1411
- https://access.redhat.com/errata/RHSA-2017:1412
- https://access.redhat.com/errata/RHSA-2017:3454
- https://access.redhat.com/errata/RHSA-2017:3455
- https://access.redhat.com/errata/RHSA-2017:3456
- https://access.redhat.com/errata/RHSA-2017:3458
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
- https://www.debian.org/security/2017/dsa-3906
Affected packages
Git / github.com/undertow-io/undertow
Affected ranges
- Type
- GIT
- Repo
- https://github.com/undertow-io/undertow
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0.0.Alpha1
1.0.0.Alpha10
1.0.0.Alpha11
1.0.0.Alpha12
1.0.0.Alpha13
1.0.0.Alpha14
1.0.0.Alpha15
1.0.0.Alpha16
1.0.0.Alpha17
1.0.0.Alpha18
1.0.0.Alpha19
1.0.0.Alpha2
1.0.0.Alpha20
1.0.0.Alpha21
1.0.0.Alpha22
1.0.0.Alpha3
1.0.0.Alpha4
1.0.0.Alpha5
1.0.0.Alpha6
1.0.0.Alpha7
1.0.0.Alpha8
1.0.0.Alpha9
1.0.0.Beta1
1.0.0.Beta10
1.0.0.Beta11
1.0.0.Beta12
1.0.0.Beta13
1.0.0.Beta14
1.0.0.Beta15
1.0.0.Beta16
1.0.0.Beta17
1.0.0.Beta18
1.0.0.Beta19
1.0.0.Beta2
1.0.0.Beta20
1.0.0.Beta21
1.0.0.Beta22
1.0.0.Beta23
1.0.0.Beta24
1.0.0.Beta25
1.0.0.Beta26
1.0.0.Beta27
1.0.0.Beta28
1.0.0.Beta29
1.0.0.Beta3
1.0.0.Beta30
1.0.0.Beta31
1.0.0.Beta32
1.0.0.Beta33
1.0.0.Beta4
1.0.0.Beta5
1.0.0.Beta6
1.0.0.Beta7
1.0.0.Beta8
1.0.0.Beta9
1.0.0.CR1
1.0.0.CR2
1.0.0.CR3
1.0.0.CR4
1.0.0.Final
1.0.1.Final
1.0.2.Final
1.0.3.Final
1.1.0.Beta1
1.1.0.Beta2
1.1.0.Beta3
1.1.0.Beta4
1.1.0.Beta5
1.1.0.Beta6
1.1.0.Beta7
1.1.0.Beta8
1.2.0.Beta1
1.2.0.Beta10
1.2.0.Beta2
1.2.0.Beta3
1.2.0.Beta4
1.2.0.Beta5
1.2.0.Beta6
1.2.0.Beta7
1.2.0.Beta8
1.2.0.Beta9
1.2.0.CR1
1.2.0.Final
1.2.1.Final
1.2.2.Final
1.2.3.Final
1.2.4.Final
1.3.0.Beta1
1.3.0.Beta10
1.3.0.Beta11
1.3.0.Beta12
1.3.0.Beta13
1.3.0.Beta2
1.3.0.Beta3
1.3.0.Beta4
1.3.0.Beta5
1.3.0.Beta6
1.3.0.Beta7
1.3.0.Beta8
1.3.0.Beta9
1.3.0.CR1
1.3.0.CR2
1.3.0.CR3
1.3.0.Final
1.3.1.Final
1.3.10.Final
1.3.11.Final
1.3.12.Final
1.3.13.Final
1.3.14.Final
1.3.15.Final
1.3.16.Final
1.3.17.Final
1.3.18.Final
1.3.19.Final
1.3.2.Final
1.3.20.Final
1.3.21.Final
1.3.22.Final
1.3.23.Final
1.3.24.Final
1.3.25.Final
1.3.26.Final
1.3.27.Final
1.3.3.Final
1.3.5.Final
1.3.6.Final
1.3.7.Final
1.3.8.Final
1.3.9.Final