Описание
A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.
EPSS
Процентиль: 53%
0.00306
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-833
Связанные уязвимости
CVSS3: 5.9
redhat
больше 1 года назад
A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.
CVSS3: 5.9
github
12 месяцев назад
Narayana deadlock via multiple join requests sent to LRA Coordinator
EPSS
Процентиль: 53%
0.00306
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-833