History: Jul 19, 2024 - 8:50 a.m.

CVE-2024-41172 Apache CXF: Unrestricted memory consumption in CXF HTTP clients

2024-07-19 08:50:43
CWE-401
apache
www.cve.org

EPSS

0.001

Percentile

38.6%

In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected, and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache CXF",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "3.6.4, 4.0.5",
        "status": "affected",
        "version": "3.6.0, 4.0.0",
        "versionType": "semver"
      }
    ]
  }
]
