Lucene search
Veracode Vulnerability DatabaseVERACODE:7034HistoryJul 12, 2018 - 6:08 a.m.
Denial Of Service (DoS)
2018-07-1206:08:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
EPSS
0.004
Percentile
72.9%
undertow-core is vulnerable to denial of service (DoS) attacks. The application calls the JarURLConnection.getLastModified() method causes file handle to remain open and leak file descriptors, causing that file to become unavailable for others.
References
access.redhat.com/errata/RHSA-2018:2643
access.redhat.com/errata/RHSA-2018:2669
access.redhat.com/errata/RHSA-2019:0877
bugs.openjdk.java.net/browse/JDK-6956385
bugzilla.redhat.com/show_bug.cgi?id=1573045
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1114
github.com/undertow-io/undertow/commit/882d5884f2614944a0c2ae69bafd9d13bfc5b64a
github.com/undertow-io/undertow/pull/638
issues.jboss.org/browse/UNDERTOW-1338
Related
ubuntucve
ubuntucve
CVE-2018-1114
2018-09-11 00:00:00
osv
osv
CVE-2018-1114
2018-09-11 15:29:00
Uncontrolled Resource Consumption in Undertow
2022-05-13 01:33:31
cve
cve
CVE-2018-1114
2018-09-11 15:29:00
cvelist
cvelist
CVE-2018-1114
2018-09-11 15:00:00
redhatcve
redhatcve
CVE-2018-1114
2019-10-10 04:29:45
github
github
Uncontrolled Resource Consumption in Undertow
2022-05-13 01:33:31
nvd
nvd
CVE-2018-1114
2018-09-11 15:29:00
debiancve
debiancve
CVE-2018-1114
2018-09-11 15:29:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:24:05
prion
prion
Design/Logic Flaw
2018-09-11 15:29:00
redhat
redhat
nessus
nessus
RHEL 6 : Red Hat JBoss Enterprise Application Platform (RHSA-2018:2090)
2018-06-29 00:00:00
RHEL 7 : Red Hat JBoss Enterprise Application Platform (RHSA-2018:2089)
2018-06-29 00:00:00
RHEL 7 : Virtualization (RHSA-2018:2643)
2018-09-06 00:00:00