Описание
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Issue TrackingVendor Advisory
- Issue TrackingThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Issue TrackingVendor Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:redhat:undertow:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00707
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-400
CWE-400
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 7 лет назад
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
CVSS3: 6.5
redhat
почти 8 лет назад
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
CVSS3: 6.5
debian
больше 7 лет назад
It was found that URLResource.getLastModified() in Undertow closes the ...
EPSS
Процентиль: 72%
0.00707
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-400
CWE-400