A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1860218 | Issue Tracking Vendor Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujan2022.html | Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1860218 | Issue Tracking Vendor Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujan2022.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 05:03
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1860218 - Issue Tracking, Vendor Advisory | |
References | () https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory | |
References | () https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory |
12 May 2022, 14:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:* |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory |
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Mar 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory | |
CPE | cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-Other |
07 Feb 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jun 2021, 16:40
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.9 |
10 Jun 2021, 17:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_brms:6:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_brms:5:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_data_grid:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:xnio:3.6.0:beta1:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:-:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_soa_platform:5:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:xnio:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:xnio:3.6.0:beta2:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-400 | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1860218 - Issue Tracking, Vendor Advisory |
02 Jun 2021, 13:36
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-02 13:15
Updated : 2024-11-21 05:03
NVD link : CVE-2020-14340
Mitre link : CVE-2020-14340
CVE.ORG link : CVE-2020-14340
JSON object : View
Products Affected
redhat
- jboss_data_virtualization
- jboss_enterprise_application_platform
- jboss_soa_platform
- jboss_fuse
- jboss_brms
- jboss_operations_network
- xnio
- jboss_data_grid
oracle
- communications_cloud_native_core_network_repository_function
- communications_cloud_native_core_service_communication_proxy
- communications_cloud_native_core_console
- communications_cloud_native_core_policy
- communications_cloud_native_core_unified_data_repository
- communications_cloud_native_core_security_edge_protection_proxy
CWE