A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2060725 | Issue Tracking Vendor Advisory |
https://github.com/ByteHackr/CVE-2022-0853 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Mar 2022, 13:51
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-401 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:descision_manager:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:* |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2060725 - Issue Tracking, Vendor Advisory | |
References | (MISC) https://github.com/ByteHackr/CVE-2022-0853 - Exploit, Third Party Advisory |
11 Mar 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-11 18:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-0853
Mitre link : CVE-2022-0853
CVE.ORG link : CVE-2022-0853
JSON object : View
Products Affected
redhat
- descision_manager
- process_automation
- single_sign-on
- jboss_enterprise_application_platform_expansion_pack
- jboss_enterprise_application_platform
CWE
CWE-401
Missing Release of Memory after Effective Lifetime