N/A

A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.

N/A

未加控制的资源消耗(资源穷尽)

Red Hat Undertow 资源管理错误漏洞

Red Hat Undertow是美国红帽（Red Hat）公司的一款基于Java的嵌入式Web服务器，是Wildfly（Java应用服务器）默认的Web服务器。 Red Hat Undertow中的HttpOpenListener存在资源管理错误漏洞，该漏洞源于远程连接会一直保持连接状态。攻击者可利用该漏洞导致拒绝服务（内存泄露）。

N/A

N/A