Lucene search
Redhat.comRH:CVE-2024-41172HistoryJul 23, 2024 - 9:17 a.m.
CVE-2024-41172
2024-07-2309:17:40
redhat.com
access.redhat.com
8
apache cxf
http client conduit
memory consumption
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
38.6%
A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.
Related
veracode
veracode
Memory Leak
2024-07-21 16:40:28
nessus
nessus
Apache CXF 3.6.x < 3.6.4, 4.0.x < 4.0.5 DoS
2024-07-26 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2024-41172
2024-07-19 09:15:05
github
github
Apache CXF allows unrestricted memory consumption in CXF HTTP clients
2024-07-19 09:32:06
osv
osv
Apache CXF allows unrestricted memory consumption in CXF HTTP clients
2024-07-19 09:32:06
CVE-2024-41172
2024-07-19 09:15:05
vulnrichment
vulnrichment
cve
cve
CVE-2024-41172
2024-07-19 09:15:05
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
38.6%
Related for RH:CVE-2024-41172