kevin.wang created CXF-7507:
-------------------------------
Summary: DoS Vulnerability
Key: CXF-7507
URL: https://issues.apache.org/jira/browse/CXF-7507
Project: CXF
Issue Type: Bug
Components: Core
Affects Versions: 3.1.11
Reporter: kevin.wang
Priority: Critical
There is one possible DOS vulnerability in the code ContentDisposition
constructor.
In the codes , it will use the pattern to parse MIME content-disposition.
if the content-disposition content has more than 1M chars, CPU usage of any web
service
would be used up and reach over more than 98%.
please consider solve this issue asap.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
