CVE-2021-22904 - log back

CVE-2021-22904 edited at 05 May 2021 16:58:39
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ There is a possible denial of service (DoS) vulnerability in the Token Authentication logic in Action Controller before versions 6.1.3.2, 6.0.3.7, 5.2.4.6 and 5.2.6. Impacted code uses "authenticate_or_request_with_http_token" or "authenticate_with_http_token" for request authentication.
References
+ https://www.openwall.com/lists/oss-security/2021/05/05/4
CVE-2021-22904 created at 05 May 2021 16:51:45
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes