CVE-2019-5097

MEDIUM Year: 2019
CVSS v3 Score
5.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-835
View all →

Vulnerability Description

A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server.

Related Vulnerabilities

CVE-2017-15223

MEDIUM
CVSS:5.3(Medium)

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an inf...

CWE-8352017

CVE-2018-9251

MEDIUM
CVSS:5.3(Medium)

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERRO...

CWE-8352018

CVE-2020-25625

MEDIUM
CVSS:5.3(Medium)

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.

CWE-8352020

CVE-2023-42814

MEDIUM
CVSS:5.3(Medium)

Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notar...

CWE-8352023

CVE-2023-42815

MEDIUM
CVSS:5.3(Medium)

Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary v...

CWE-8352023

CVE-2024-34484

MEDIUM
CVSS:5.3(Medium)

OFPBucket in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via action.len=0.

CWE-8352024