Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-12174

Опубликовано: 05 фев. 2018
Источник: redhat
CVSS3: 7.5
EPSS Средний

Описание

It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat JBoss Operations Network 3hornetqNot affected
Red Hat JBoss EAP 7FixedRHSA-2018:047812.03.2018
Red Hat JBoss Enterprise Application Platform 6.4hornetqFixedRHSA-2018:026905.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5hornetqFixedRHSA-2018:027105.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5infinispanFixedRHSA-2018:027105.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5ironjacamar-eap6FixedRHSA-2018:027105.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5jboss-as-appclientFixedRHSA-2018:027105.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5jbossas-appclientFixedRHSA-2018:027105.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5jbossas-bundlesFixedRHSA-2018:027105.02.2018
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5jboss-as-cliFixedRHSA-2018:027105.02.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1498378artemis/hornetq: memory exhaustion via UDP and JGroups discovery

EPSS

Процентиль: 95%
0.20493
Средний

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-12174

CVSS3: 7.5
nvd
почти 8 лет назад

It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

github логотип

GHSA-gc96-h5pr-839j

CVSS3: 7.5
github
больше 3 лет назад

Uncontrolled Resource Consumption in Artemis and HornetQ

EPSS

Процентиль: 95%
0.20493
Средний

7.5 High

CVSS3