Back to bug 2076486
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2022-04-19 07:48:47 UTC | Blocks | 2076487 | |
| Anten Skrabec | 2022-04-21 19:49:29 UTC | Doc Text | In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down to improper handling of http methods. Users are advised to upgrade. Users unable to upgrade may to restrict the path prefix to the "GET" method as a workaround. | |
| Anten Skrabec | 2022-04-21 19:50:17 UTC | Fixed In Version | http-swagger 1.2.6 | |
| Anten Skrabec | 2022-04-21 19:50:38 UTC | Doc Text | In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system. The cause of the memory exhaustion is down to improper handling of http methods. Users are advised to upgrade. Users unable to upgrade may to restrict the path prefix to the "GET" method as a workaround. | In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system due to improper handling of http methods. |
| RaTasha Tillery-Smith | 2022-04-22 12:46:57 UTC | Doc Text | In versions of http-swagger prior to 1.2.6 an attacker may perform a denial of service attack consisting of memory exhaustion on the host system due to improper handling of http methods. | A flaw was found in http-swagger. This flaw allows an attacker to perform a denial of service attack consisting of memory exhaustion on the host system due to improper handling of HTTP methods. |
| Red Hat Bugzilla | 2023-07-07 08:28:33 UTC | Assignee | security-response-team | nobody |
Back to bug 2076486