A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception.
References
Link | Resource |
---|---|
https://research.jfrog.com/vulnerabilities/undefined-variable-usage-in-proxy-leads-to-remote-denial-of-service-xray-520917 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: JFROG
Published: 2023-05-30T17:37:45.166Z
Updated: 2023-05-30T17:37:45.166Z
Reserved: 2023-05-29T21:15:17.688Z
Link: CVE-2023-2968
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-30T18:15:09.997
Modified: 2023-06-06T14:38:15.320
Link: CVE-2023-2968
JSON object: View
Redhat Information
No data.