The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) by closing the connection while recv is executing.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

• S10 – Denial of Service

EPSS

Score: 0.00763
Percentile: 0.72404

CVSS Scoring

Affected Products

• cpe:2.3:a:nylon:nylon:0.2:*:*:*:*:*:*:*

← Back to Home