Headline

GHSA-4mgg-fqfq-64hg: Apache CXF allows unrestricted memory consumption in CXF HTTP clients

In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory

2 months ago

ghsa

Open in Source

#apache #git

Apache CXF allows unrestricted memory consumption in CXF HTTP clients

Low severity GitHub Reviewed Published Jul 19, 2024 to the GitHub Advisory Database • Updated Jul 19, 2024

Related news

Red Hat Security Advisory 2024-7052-03

Red Hat Security Advisory 2024-7052-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a denial of service vulnerability.

14 days ago

Packet Storm

Open in Source

#vulnerability #red_hat #dos #apache #js #git