Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xnio (UTSA-2026-021490)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021490 advisory. A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows...
OESA-2026-1047 xnio security update
XNIO is a simplified low-level I/O layer which can be used anywhere you are using NIO today. It frees you from the hassle of dealing with Selectors and the lack of NIO support for multicast sockets and non-socket I/O, while still maintaining all the capabilities present in NIO, and it opens the...
EUVD-2021-1308
Malware in sbrugna...
EUVD-2022-6499
Malicious code in bioql PyPI...
EUVD-2024-0858
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-5685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can...
Linux Distros Unpatched Vulnerability : CVE-2020-14340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It m...
Linux Distros Unpatched Vulnerability : CVE-2024-1635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and...
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
Linux Distros Unpatched Vulnerability : CVE-2022-0084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw...
xnio: StackOverflowException when the chain of notifier states becomes problematically big
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS)...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in XNIO (CVE-2023-5685)
Summary: A vulnerability in XNIO used by InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2023-5685. DESCRIPTION: XNIO is vulnerable to a denial of service, caused by a stack overflow exception when the chain of notifier states becomes problematically large. By sending a...
undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.16 Security update (Important) (RHSA-2024:1676)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1676 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Denial Of Service (DoS)
XNIO API is vulnerable to Denial of Service (DoS). The vulnerability is caused due to the problematic accumulation of notifier states within the chain. When this chain grows to be excessively large, it can lead to a StackOverflowException, overwhelming the stack and potentially causing Denial of...