Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-14340

Опубликовано: 24 июл. 2020
Источник: redhat
CVSS3: 5.9
EPSS Низкий

Описание

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.

A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
A-MQ Clients 2xnioNot affected
Red Hat BPM Suite 6xnioOut of support scope
Red Hat CodeReady Studio 12xnioNot affected
Red Hat Data Grid 8xnioNot affected
Red Hat Decision Manager 7xnioNot affected
Red Hat Integration Camel K 1xnioNot affected
Red Hat JBoss BRMS 5xnioOut of support scope
Red Hat JBoss BRMS 6xnioOut of support scope
Red Hat JBoss Data Grid 6xnioOut of support scope
Red Hat JBoss Data Grid 7xnioOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1860218xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS

EPSS

Процентиль: 52%
0.0029
Низкий

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-14340

CVSS3: 5.9
ubuntu
больше 4 лет назад

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.

nvd логотип

CVE-2020-14340

CVSS3: 5.9
nvd
больше 4 лет назад

A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.

debian логотип

CVE-2020-14340

CVSS3: 5.9
debian
больше 4 лет назад

A vulnerability was discovered in XNIO where file descriptor leak caus ...

github логотип

GHSA-c738-77x8-wmq5

CVSS3: 5.9
github
больше 4 лет назад

Uncontrolled Resource Consumption in XNIO

fstec логотип

BDU:2021-04623

CVSS3: 5.9
fstec
больше 5 лет назад

Уязвимость дескриптора файлов структуры ввода-вывода XNIO, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 52%
0.0029
Низкий

5.9 Medium

CVSS3