Описание
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| jss | fixed | 5.5.0-1 | package | |
| jss | ignored | bookworm | package | |
| jss | no-dsa | bullseye | package | |
| jss | not-affected | buster | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2147372
Triggered by: https://github.com/dogtagpki/jss/pull/928
Upstream PR: https://github.com/dogtagpki/jss/pull/970
https://github.com/dogtagpki/jss/commit/bc8e2e6a37922cd15ef39e7e9c194b0dcbea8aa6 (v5.5.0-alpha2)
EPSS
Связанные уязвимости
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
Уязвимость инструмента для стилизации веб-приложений с помощью JavaScript JSS, связанная с отсутствием освобождения памяти после эффективного срока службы, позволяющая нарушителю вызвать отказ в обслуживании
EPSS