Описание
An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
An infinite recursion vulnerability was found in the org.ini4j package. This flaw allows triggering the fetch() method to cause a denial of service.
Отчет
While the org.ini4j may be susceptible to a denial of service, the way this package is utilized in Red Hat products limits the potential impact on the broader system.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Developer Tools and Services | jenkins-2-plugins | Not affected | ||
| Red Hat Fuse 7 | org.arquillian.cube-arquillian-cube-parent | Will not fix | ||
| Red Hat JBoss Data Grid 7 | org.jboss.quickstarts.jdg-jboss-jdg-quickstarts | Will not fix | ||
| Red Hat OpenShift Container Platform 3.11 | jenkins-2-plugins | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
An issue in the fetch() method in the BasicProfile class of org.ini4j ...
org.ini4j allows attackers to cause a Denial of Service (DoS)
EPSS
7.5 High
CVSS3