High severity7.5NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026
CVE-2017-2670
CVE-2017-2670
Description
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.undertow:undertow-coreMaven | < 1.3.28 | 1.3.28 |
Affected products
1Patches
Vulnerability mechanics
References
13- rhn.redhat.com/errata/RHSA-2017-1409.htmlnvdVendor Advisory
- www.securityfocus.com/bid/98965nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:1410nvdVendor Advisory
- access.redhat.com/errata/RHSA-2017:1411nvdVendor Advisory
- access.redhat.com/errata/RHSA-2017:1412nvdVendor Advisory
- access.redhat.com/errata/RHSA-2017:3454nvdVendor Advisory
- access.redhat.com/errata/RHSA-2017:3455nvdVendor Advisory
- access.redhat.com/errata/RHSA-2017:3456nvdVendor Advisory
- access.redhat.com/errata/RHSA-2017:3458nvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
- github.com/advisories/GHSA-3x7h-5hfr-hvjmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-2670ghsaADVISORY
- www.debian.org/security/2017/dsa-3906nvdThird Party Advisory
News mentions
0No linked articles in our index yet.