CVE-2023-20882

MEDIUM Year: 2023
CVSS v3 Score
5.9
Medium
Weakness Type
CWE-400
View all →

Vulnerability Description

In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the currently selected backend as failed and removes it from the routing pool.

Related Vulnerabilities

CVE-2013-7470

MEDIUM
CVSS:5.9(Medium)

cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstra...

CWE-4002013

CVE-2016-10544

MEDIUM
CVSS:5.9(Medium)

uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to...

CWE-4002016

CVE-2016-6307

MEDIUM
CVSS:5.9(Medium)

The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consum...

CWE-4002016

CVE-2017-15130

MEDIUM
CVSS:5.9(Medium)

A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the...

CWE-4002017

CVE-2017-16025

MEDIUM
CVSS:5.9(Medium)

Nes is a websocket extension library for hapi. Hapi is a webserver framework. Versions below and including 6.4.0 have a denial of service vulnerability via an invalid Cookie header. This is only prese...

CWE-4002017

CVE-2017-3140

MEDIUM
CVSS:5.9(Medium)

If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5...

CWE-4002017