First published: Thu Sep 08 2022
A flaw was found in the Eclipse Milo SDK Server. By sending specific requests, an attacker can consume the application's memory, leading to a denial of service.
Credit: report@snyk.io
Affected Software | Affected Version | How to fix |
---|---|---|
Eclipse Milo | <0.6.8 | |
CVE-2022-25897 is a vulnerability in the Eclipse Milo SDK Server that allows an attacker to cause a Denial of Service by sending multiple CloseSession requests.
CVE-2022-25897 has a severity rating of 7.5 (high).
The affected software is the org.eclipse.milo:sdk-server package before version 0.6.8.
To fix CVE-2022-25897, update the affected org.eclipse.milo:sdk-server package to version 0.6.8 or higher.
The CWE for CVE-2022-25897 is CWE-770 (Use of One-way Hash without a Salt).