The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote malicious users to cause a denial of service (resource consumption) by decompressing a large file containing zeroes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache ws-xmlrpc 3.1.3 |