Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-5685

Опубликовано: 05 мар. 2024
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).

Отчет

Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.

Меры по смягчению последствий

There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat build of Apache Camel for Spring Boot 3xnioNot affected
Red Hat build of Apache Camel - HawtIO 4xnioWill not fix
Red Hat Build of KeycloakxnioNot affected
Red Hat Data Grid 8xnioNot affected
Red Hat Integration Camel K 1xnioWill not fix
Red Hat JBoss Data Grid 7xnioOut of support scope
Red Hat JBoss Enterprise Application Platform 8xnio-nioNot affected
Red Hat JBoss Enterprise Application Platform Expansion Packxnio-nioNot affected
Red Hat JBoss Fuse Service Works 6xnioOut of support scope
Red Hat Process Automation 7xnioAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=2241822xnio: StackOverflowException when the chain of notifier states becomes problematically big

EPSS

Процентиль: 64%
0.00474
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-5685

CVSS3: 7.5
ubuntu
почти 2 года назад

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).

nvd логотип

CVE-2023-5685

CVSS3: 7.5
nvd
почти 2 года назад

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).

debian логотип

CVE-2023-5685

CVSS3: 7.5
debian
почти 2 года назад

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stac ...

github логотип

GHSA-7f88-5hhx-67m2

CVSS3: 7.5
github
почти 2 года назад

XNIO denial of service vulnerability

fstec логотип

BDU:2024-04794

CVSS3: 7.5
fstec
почти 3 года назад

Уязвимость библиотеки для обеспечения неблокирующих операций ввода-вывода (I/O) XNIO, связанная с неконтролируемым потребление ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 64%
0.00474
Низкий

7.5 High

CVSS3

Уязвимость CVE-2023-5685