Описание
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | jss | Out of support scope | ||
| Red Hat Enterprise Linux 6 | tomcatjss | Out of support scope | ||
| Red Hat Enterprise Linux 7 | jss | Fix deferred | ||
| Red Hat Enterprise Linux 7 | tomcat | Fix deferred | ||
| Red Hat Enterprise Linux 8 | jss | Not affected | ||
| Red Hat Enterprise Linux 8 | pki-deps:10.6/pki-servlet-engine | Fix deferred | ||
| Red Hat Enterprise Linux 9 | jss | Not affected | ||
| Red Hat Enterprise Linux 9 | pki-servlet-engine | Fix deferred | ||
| Red Hat JBoss Web Server 3 | tomcat7 | Out of support scope | ||
| Red Hat JBoss Web Server 3 | tomcat8 | Out of support scope |
Показывать по
Дополнительная информация
Статус:
5.9 Medium
CVSS3
Связанные уязвимости
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
A flaw was found in JSS. A memory leak in JSS requires non-standard co ...
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
Уязвимость инструмента для стилизации веб-приложений с помощью JavaScript JSS, связанная с отсутствием освобождения памяти после эффективного срока службы, позволяющая нарушителю вызвать отказ в обслуживании
5.9 Medium
CVSS3