GHSA-76fg-mhrg-fmmg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-76fg-mhrg-fmmg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-76fg-mhrg-fmmg/GHSA-76fg-mhrg-fmmg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-76fg-mhrg-fmmg
- Aliases
- Published
- 2022-08-27T00:00:44Z
- Modified
- 2023-11-08T04:07:28.113996Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- XNIO `notifyReadClosed` method logging message to unexpected end
- Details
-
A flaw was found in XNIO, specifically in the
notifyReadClosedmethod. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up. A fix for this issue is available on the3.xbranch of the repository. - Database specific
{ "github_reviewed": true, "severity": "HIGH", "github_reviewed_at": "2022-09-02T19:14:08Z", "cwe_ids": [ "CWE-770" ], "nvd_published_at": "2022-08-26T18:15:00Z" }- References
Affected packages
Maven / org.jboss.xnio:xnio-all
Package
- Name
- org.jboss.xnio:xnio-all
- View open source insights on deps.dev
- Purl
- pkg:maven/org.jboss.xnio/xnio-all
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected3.8.7.Final
Affected versions
3.*
3.0.0.CR1
3.0.0.CR2
3.0.0.CR3
3.0.0.CR4
3.0.0.CR5
3.0.0.CR5-frainone-1
3.0.0.CR6
3.0.0.CR7
3.0.0.GA
3.0.1.GA
3.0.2.GA
3.0.3.GA
3.0.4.GA
3.0.5.GA
3.0.6.GA
3.0.7.GA
3.0.8.GA
3.0.9.GA
3.0.10.GA
3.0.11.GA
3.0.12.GA
3.0.13.GA
3.0.14.GA
3.0.15.GA
3.0.16.GA
3.0.17.GA
3.1.0.Beta1
3.1.0.Beta2
3.1.0.Beta3
3.1.0.Beta4
3.1.0.Beta5
3.1.0.Beta6
3.1.0.Beta7
3.1.0.Beta8
3.1.0.Beta9
3.1.0.CR1
3.1.0.CR2
3.1.0.CR3
3.1.0.CR4
3.1.0.CR5
3.1.0.CR6
3.1.0.CR7
3.1.0.Final
3.2.0.Beta1
3.2.0.Beta2
3.2.0.Beta3
3.2.0.Beta4
3.2.0.Final
3.2.1.Final
3.2.2.Final
3.2.3.Final
3.3.0.Beta1
3.3.0.Beta2
3.3.0.Beta3
3.3.0.Beta4
3.3.0.Beta5
3.3.0.Final
3.3.1.Final
3.3.2.Final
3.3.3.Final
3.3.4.Final
3.3.5.Final
3.3.6.Final
3.3.7.Final
3.3.8.Final
3.4.0.Beta1
3.4.0.Beta2
3.4.0.Beta3
3.4.0.Final
3.4.1.Final
3.4.2.Final
3.4.3.Final
3.4.4.Final
3.4.5.Final
3.4.6.Final
3.4.7.Final
3.5.0.Beta1
3.5.0.Beta2
3.5.0.Beta3
3.5.0.Beta4
3.5.0.Beta5
3.5.0.Beta6
3.5.0.Beta7
3.5.0.CR1
3.5.0.CR2
3.5.0.Final
3.5.1.Final
3.5.2.Final
3.5.3.Final
3.5.4.Final
3.5.5.Final
3.5.6.Final
3.5.7.Final
3.5.8.Final
3.5.9.Final
3.6.0.Beta1
3.6.0.Beta2
3.6.0.Final
3.6.1.Final
3.6.2.Final
3.6.3.Final
3.6.4.Final
3.6.5.Final
3.6.6.Final
3.6.7.Final
3.6.8.Final
3.6.9.Final
3.7.0.Final
3.7.1.Final
3.7.2.Final
3.7.3.Final
3.7.4.Final
3.7.5.Final
3.7.6.Final
3.7.7.Final
3.7.8.Final
3.7.9.Final
3.7.10.Final
3.7.11.Final
3.7.12.Final
3.8.0.Final
3.8.1.Final
3.8.2.Final
3.8.3.Final
3.8.4.Final
3.8.5.Final
3.8.6.Final
3.8.7.Final