支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2024-1300 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Io.vertx:vertx-core: memory leak when a tcp server is configured with tls and sni support
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
对已超过有效生命周期的资源丧失索引
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Eclipse Vert.x 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Eclipse Vert.x是Eclipse基金会的一个应用于 JVM 上用于构建响应式应用程序的工具包。 Eclipse Vert.x 4.4.8之前版本存在安全漏洞,该漏洞源于存在内存泄漏,允许攻击者发送带有虚假服务器名称的TLS客户端问候消息,从而触发JVM内存不足错误。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
Red HatCEQ 3.2-cpe:/a:redhat:camel_quarkus:3
Red HatCryostat 2 on RHEL 8 2.4.0-7 ~ * cpe:/a:redhat:cryostat:2::el8
Red HatCryostat 2 on RHEL 8 2.4.0-4 ~ * cpe:/a:redhat:cryostat:2::el8
Red HatCryostat 2 on RHEL 8 2.4.0-4 ~ * cpe:/a:redhat:cryostat:2::el8
Red HatCryostat 2 on RHEL 8 2.4.0-4 ~ * cpe:/a:redhat:cryostat:2::el8
Red HatCryostat 2 on RHEL 8 2.4.0-9 ~ * cpe:/a:redhat:cryostat:2::el8
Red HatCryostat 2 on RHEL 8 2.4.0-4 ~ * cpe:/a:redhat:cryostat:2::el8
Red HatMigration Toolkit for Runtimes 1 on RHEL 8 1.2-18 ~ * cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8
Red HatMigration Toolkit for Runtimes 1 on RHEL 8 1.2-11 ~ * cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8
Red HatMigration Toolkit for Runtimes 1 on RHEL 8 1.2-12 ~ * cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8
Red HatMigration Toolkit for Runtimes 1 on RHEL 8 1.2-10 ~ * cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8
Red HatMTA-6.2-RHEL-9 6.2.3-2 ~ * cpe:/a:redhat:migration_toolkit_applications:6.2::el9
Red HatRed Hat AMQ Streams 2.7.0-cpe:/a:redhat:amq_streams:2
Red HatRed Hat build of Apache Camel 4.4.1 for Spring Boot 3.2-cpe:/a:redhat:apache_camel_spring_boot:4.4::el6
Red HatRed Hat build of Quarkus 3.2.11.Final 4.4.8.redhat-00001 ~ * cpe:/a:redhat:quarkus:3.2::el8
Red HatRHINT Service Registry 2.5.11 GA-cpe:/a:redhat:service_registry:2.5
Red HatA-MQ Clients 2-cpe:/a:redhat:a_mq_clients:2
Red HatOpenShift Serverless-cpe:/a:redhat:serverless:1
Red HatRed Hat AMQ Broker 7-cpe:/a:redhat:amq_broker:7
Red HatRed Hat build of Apache Camel for Spring Boot 3-cpe:/a:redhat:camel_spring_boot:3
Red HatRed Hat Build of Keycloak-cpe:/a:redhat:build_keycloak:
Red HatRed Hat build of OptaPlanner 8-cpe:/a:redhat:optaplanner:::el6
Red HatRed Hat build of Quarkus-cpe:/a:redhat:quarkus:2
Red HatRed Hat Data Grid 8-cpe:/a:redhat:jboss_data_grid:8
Red HatRed Hat Fuse 7-cpe:/a:redhat:jboss_fuse:7
Red HatRed Hat Integration Camel K 1-cpe:/a:redhat:integration:1
Red HatRed Hat Integration Camel Quarkus 2-cpe:/a:redhat:camel_quarkus:2
Red HatRed Hat JBoss Data Grid 7-cpe:/a:redhat:jboss_data_grid:7
Red HatRed Hat JBoss Enterprise Application Platform 7-cpe:/a:redhat:jboss_enterprise_application_platform:7
Red HatRed Hat JBoss Enterprise Application Platform 8-cpe:/a:redhat:jboss_enterprise_application_platform:8
Red HatRed Hat JBoss Enterprise Application Platform Expansion Pack-cpe:/a:redhat:jbosseapxp
Red HatRed Hat Process Automation 7-cpe:/a:redhat:jboss_enterprise_bpms_platform:7
二、漏洞 CVE-2024-1300 的公开POC
#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2024-1300 的情报信息
Please 登录 to view more intelligence information
四、漏洞 CVE-2024-1300 的评论

暂无评论

发表评论