Back to search
CVE-2017-7687
Published: Sep 28, 2017
Modified: Sep 16, 2024
PUBLISHED
Description
When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev might crash because the code accidentally calls inappropriate function. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache Mesos | affected versions prior to 1.1.3affected 1.2.x before 1.2.2affected 1.3.x before 1.3.1affected 1.4.0-dev |
References
[dev] 20170926 CVE-2017-7687: Libprocess might crash when decoding a malformed request.
mailing-list
x_refsource_MLIST
101027
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now