CVE-2021-28165 log
Source |
|
Severity | High |
Remote | Yes |
Type | Denial of service |
Description | When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1841 | jenkins | 2.285-1 | 2.286-1 | High | Not affected |
References |
---|
https://www.jenkins.io/security/advisory/2021-04-20/ https://github.com/advisories/GHSA-26vr-8j45-3r4w |