Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-19343

Опубликовано: 23 мар. 2021
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:jboss-remoting:*:*:*:*:*:*:*:*
Версия до 5.0.14 (исключая)
cpe:2.3:a:redhat:jboss-remoting:5.0.14:-:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*
Версия до 7.2.4 (исключая)
cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*
Версия до 2.0.25 (исключая)
cpe:2.3:a:redhat:undertow:2.0.25:-:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*

EPSS

Процентиль: 66%
0.00507
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400
CWE-404

Связанные уязвимости

ubuntu логотип

CVE-2019-19343

CVSS3: 7.5
ubuntu
почти 5 лет назад

A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.

redhat логотип

CVE-2019-19343

CVSS3: 5.9
redhat
около 6 лет назад

A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.

debian логотип

CVE-2019-19343

CVSS3: 7.5
debian
почти 5 лет назад

A flaw was found in Undertow when using Remoting as shipped in Red Hat ...

github логотип

GHSA-4v4m-hgv5-x3qx

CVSS3: 7.5
github
больше 3 лет назад

A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.

EPSS

Процентиль: 66%
0.00507
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400
CWE-404