Details
-
Task
-
Status: Closed
-
Critical
-
Resolution: Duplicate
-
2.12.2
-
None
-
None
-
Important
Description
CVE-2017-10355 (OSSINDEX)
sonatype-2017-0348 - xerces:xercesImpl - Denial of Service (DoS) The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.
CWE-833 Deadlock
CVSSv3:
- Base Score: MEDIUM (5.9)
- Vector: CVSS:/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- OSSINDEX - [CVE-2017-10355] CWE-833: Deadlock
- OSSIndex - https://blogs.securiteam.com/index.php/archives/3271
Vulnerable Software & Versions (OSSINDEX):
- cpe:2.3:a:xerces:xercesImpl:2.12.2:::::::*