EUVD-2024-1174

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Eclipse Vert.x causes memory leak in TLS TCP servers with SNI support leading to exhaustion

Reporter	Title	Published	Views	Family All 39
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Event Processing.	15 Jul 202405:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found in IBM Security Verify Information Queue	10 Sep 202517:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities	27 Feb 202509:34	–	ibm
IBM Security Bulletins	Security Bulletin:IBM Asset Data Dictionary Component uses vertx-core-4.5.0.jar which is vulnerable to CVE-2024-1023 and CVE-2024-1300.	2 May 202411:00	–	ibm
IBM Security Bulletins	Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for May 2024.	31 May 202410:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities	20 May 202406:22	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the Eclipse Vert.x component (CVE-2024-1023,CVE-2024-1300).	3 Feb 202522:36	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Eclipse Vert.x toolkit affects IBM watsonx Assistant for IBM Cloud Pak for Data	5 Feb 202520:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the Eclipse Vert.x component (CVE-2024-1300).	25 Jun 202409:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Event Endpoint Management	8 Jul 202405:17	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "abdc7c7d-ce4b-3afb-8b14-27499bac9521",
        "vendor": {
          "name": "Red Hat"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "052ce54e-91aa-332e-b147-5a2f5b87b9d3",
        "product": {
          "name": "Red Hat JBoss Fuse 7"
        }
      },
      {
        "id": "09b9fef6-013f-3403-a3f5-deb48d8f92a0",
        "product": {
          "name": "Red Hat Integration Camel Quarkus"
        }
      },
      {
        "id": "0fcae289-3018-3492-9319-b00669ec86db",
        "product": {
          "name": "Red Hat build of Quarkus 3.2.11.Final"
        }
      },
      {
        "id": "1621d1fe-6ce9-3f9a-9108-f5950c138848",
        "product": {
          "name": "Red Hat Integration Service Registry"
        }
      },
      {
        "id": "18ad6a8e-7af5-35cc-a222-ed130f654f94",
        "product": {
          "name": "Cryostat 2 on RHEL 8"
        },
        "product_version": "patch: 2.4.0-9"
      },
      {
        "id": "34cd1d7a-8223-332c-8163-129278139018",
        "product": {
          "name": "Red Hat JBoss A-MQ Streams"
        }
      },
      {
        "id": "3db0425f-abf1-301f-8565-1da5ae662d46",
        "product": {
          "name": "MTA-6.2-RHEL-9"
        },
        "product_version": "patch: 6.2.3-2"
      },
      {
        "id": "47a6f6b3-ddf9-368a-8157-f556170972ca",
        "product": {
          "name": "Red Hat build of OptaPlanner 8"
        }
      },
      {
        "id": "50c4d7de-63ec-352c-98bc-faffd79e6516",
        "product": {
          "name": "CEQ 3.2"
        }
      },
      {
        "id": "5692485e-ede0-3386-b3ab-a1f7b05e3f15",
        "product": {
          "name": "Cryostat 2 on RHEL 8"
        },
        "product_version": "patch: 2.4.0-7"
      },
      {
        "id": "578a0ac1-e774-3a70-84cd-25748c6377c3",
        "product": {
          "name": "Cryostat 2"
        }
      },
      {
        "id": "587a7c92-340a-30ae-b847-bd63739b6b84",
        "product": {
          "name": "Red Hat JBoss Enterprise Application Platform 7"
        }
      },
      {
        "id": "5c43d134-fcbd-35ee-aef5-e8dff3ea5695",
        "product": {
          "name": "Red Hat Integration Camel K"
        }
      },
      {
        "id": "686c47c9-5b26-383d-bfb7-0a53e24e5eb6",
        "product": {
          "name": "Red Hat Data Grid 8"
        }
      },
      {
        "id": "69bc3c47-4d88-3067-9446-8da252396e86",
        "product": {
          "name": "Cryostat 2 on RHEL 8"
        },
        "product_version": "patch: 2.4.0-4"
      },
      {
        "id": "6af8394e-e875-306a-b217-b180d058cd69",
        "product": {
          "name": "Red Hat JBoss Data Grid 7"
        }
      },
      {
        "id": "6f8476c1-c9d0-30bc-a2d8-66129a499faa",
        "product": {
          "name": "Red Hat JBoss A-MQ 7"
        }
      },
      {
        "id": "74213b8f-507a-3ced-9316-4892f972fc8f",
        "product": {
          "name": "OpenShift Serverless"
        }
      },
      {
        "id": "7acf77ec-7857-3a0a-8a96-c6b845855cc2",
        "product": {
          "name": "Red Hat Build of Keycloak"
        }
      },
      {
        "id": "810ff8cf-6aa2-385d-bbd8-92282b4cfc8c",
        "product": {
          "name": "Red Hat build of Quarkus"
        }
      },
      {
        "id": "83b7aa80-ed39-3df6-ba18-7ae7d1900712",
        "product": {
          "name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"
        }
      },
      {
        "id": "895de148-a45f-3342-aa64-856aea4ce9a7",
        "product": {
          "name": "Red Hat JBoss Enterprise Application Platform 8"
        }
      },
      {
        "id": "957943d0-3b87-34d0-aeb0-4fbe81e9bee6",
        "product": {
          "name": "Red Hat build of Quarkus 3.2.11.Final"
        },
        "product_version": "patch: 4.4.8.redhat-00001"
      },
      {
        "id": "aa1ce843-24ec-3e62-8d9e-c4a0e89ddbaa",
        "product": {
          "name": "Migration Toolkit for Runtimes 1 on RHEL 8"
        },
        "product_version": "patch: 1.2-10"
      },
      {
        "id": "b20d7c5e-317b-3210-8dab-e2311b7cc773",
        "product": {
          "name": "Red Hat build of Apache Camel for Spring Boot"
        }
      },
      {
        "id": "b94742ed-c11b-3480-90aa-097a0007075a",
        "product": {
          "name": "Red Hat build of Apache Camel 4.0 for Spring Boot"
        }
      },
      {
        "id": "ba58dd60-cf09-3a8e-890f-7f668c51962c",
        "product": {
          "name": "Migration Toolkit for Runtimes 1 on RHEL 8"
        },
        "product_version": "patch: 1.2-11"
      },
      {
        "id": "be569c70-5ee0-3103-aa5c-48e0677f56ed",
        "product": {
          "name": "A-MQ Clients 2"
        }
      },
      {
        "id": "bf84b4bb-abaa-38e1-a7b8-a73fbe2f99ff",
        "product": {
          "name": "Migration Toolkit for Runtimes 1 on RHEL 8"
        }
      },
      {
        "id": "c1f76582-c978-318a-889c-810fa0e2a491",
        "product": {
          "name": "Migration Toolkit for Runtimes 1 on RHEL 8"
        },
        "product_version": "patch: 1.2-18"
      },
      {
        "id": "c2bdf16a-de53-31e1-9dc3-ff0e62818937",
        "product": {
          "name": "Migration Toolkit for Applications 6"
        }
      },
      {
        "id": "d6f89bd8-c86a-3e0a-940a-97d07beb2dc3",
        "product": {
          "name": "Migration Toolkit for Runtimes 1 on RHEL 8"
        },
        "product_version": "patch: 1.2-12"
      },
      {
        "id": "fa5ef1e6-72e7-3cfc-a68e-1ebabc726be5",
        "product": {
          "name": "Red Hat Process Automation 7"
        }
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-1300
github	www.github.com/eclipse-vertx/vert.x/pull/5101
github	www.github.com/eclipse-vertx/vert.x/pull/5100
github	www.github.com/eclipse-vertx/vert.x/pull/5099
github	www.github.com/eclipse-vertx/vert.x/commit/7ad34ea9d78f85e26b231ee3ec8d492d10046479
github	www.github.com/eclipse-vertx/vert.x/commit/3d9235cadf44df39a70dc75bddfe0b8fcbd6a683
vertx	www.vertx.io/docs/vertx-core/java/
github	www.github.com/eclipse-vertx/vert.x
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2024-1300

03 Oct 2025 20:07Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.4

EPSS0.00245

SSVC