Undertow Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability - CVE-2023-1108 - Vulnerability Database

Undertow Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability - CVE-2023-1108

High

Reference: CVE-2023-1108

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-1108

Title: Undertow Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability

Overview:

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit where the loop never terminates.