CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:ws-xmlrpc:3.1.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-06 18:29

Updated : 2017-06-16 13:06


NVD link : CVE-2016-5004

Mitre link : CVE-2016-5004

CVE.ORG link : CVE-2016-5004


JSON object : View

Products Affected

apache

  • ws-xmlrpc
CWE
CWE-400

Uncontrolled Resource Consumption