Lucene search

K

RedhatCVELIST:CVE-2017-12174

HistoryMar 07, 2018 - 10:00 p.m.

CVE-2017-12174

2018-03-0722:00:00

CWE-400

redhat

www.cve.org

1

7.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

CNA Affected

[
  {
    "product": "HornetQ/Artemis",
    "vendor": "Red Hat, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "before 2.4.0"
      }
    ]
  }
]

References

access.redhat.com/errata/RHSA-2018:0268

access.redhat.com/errata/RHSA-2018:0269

access.redhat.com/errata/RHSA-2018:0270

access.redhat.com/errata/RHSA-2018:0271

access.redhat.com/errata/RHSA-2018:0275

access.redhat.com/errata/RHSA-2018:0478

access.redhat.com/errata/RHSA-2018:0479

access.redhat.com/errata/RHSA-2018:0480

access.redhat.com/errata/RHSA-2018:0481

bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12174

lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d%40%3Ccommits.activemq.apache.org%3E

lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088%40%3Ccommits.activemq.apache.org%3E

7.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

Related for CVELIST:CVE-2017-12174

veracode1 github1 osv2 nvd1 prion1 cve1 redhatcve1 nessus7 redhat10