Showing 1 - 5 of 5

CVE-2018-1114

Status Candidate

Overview

It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.

Related Files

Red Hat Security Advisory 2019-0877-01: Posted Apr 24, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0877-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.4.0 serves as a replacement for RHOAR Thorntail 2.2.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2018-1000180, CVE-2018-1067, CVE-2018-10862, CVE-2018-10894, CVE-2018-10912, CVE-2018-1114, CVE-2018-11307, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362; SHA-256 | 5a770a9e44f952c4dbd8ebcd0a5a7da0c0737d9f710ca712c6c037e86137438f; Download | Favorite | View

Red Hat Security Advisory 2018-2669-01: Posted Sep 11, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-2669-01 - Red Hat Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. This release of Red Hat Fuse 7.1 serves as a replacement for Red Hat Fuse 7.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, path sanitization, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss; systems | linux, redhat; advisories | CVE-2014-0114, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, CVE-2016-5397, CVE-2017-14063, CVE-2018-1000129, CVE-2018-1000130, CVE-2018-1000180, CVE-2018-1114, CVE-2018-1271, CVE-2018-1272, CVE-2018-1338, CVE-2018-1339, CVE-2018-8036, CVE-2018-8088; SHA-256 | 7b3635d1483cb247ae4e0a03ee8632f66f34f0c49a1302091a6f17cc60f5582a; Download | Favorite | View

Red Hat Security Advisory 2018-2643-01: Posted Sep 4, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-2643-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include denial of service and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2018-1000180, CVE-2018-10237, CVE-2018-1067, CVE-2018-10862, CVE-2018-10915, CVE-2018-1114, CVE-2018-8039; SHA-256 | 2bfe1cdff3a12f79e8c0bf7120a0752dcf98ef0376e166db31cb2adc9a98b0df; Download | Favorite | View