CVE-2018-12541
moderate-risk
Published 2018-10-10
In versions 3.0.0 through 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full HTTP request before performing the handshake, holding the entire request body in memory. There should be a reasonable limit (8192 bytes) above which the WebSocket client receives an HTTP response with the 413 status code and the connection is closed.
Do I need to act?
1.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 6.5/10
Medium
Attack vector: NETWORK / LOW complexity
Affected Products (1)
Vert.X
Affected Vendors
References (32)
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2946
Vendor Advisory
https://bugs.eclipse.org/bugs/show_bug.cgi?id=539170
Third Party Advisory
https://github.com/eclipse-vertx/vert.x/issues/2648
Third Party Advisory
and 12 more references
Risk score: 33 / 100 (moderate-risk)
Severity
24/34 · High
Exploitability
4/34 · Minimal
Exposure
5/34 · Minimal