A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2060725 | Issue Tracking Vendor Advisory |
https://github.com/ByteHackr/CVE-2022-0853 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Mar 2022, 13:51
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-401 | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2060725 - Issue Tracking, Vendor Advisory | |
References | (MISC) https://github.com/ByteHackr/CVE-2022-0853 - Exploit, Third Party Advisory | |
First Time |
Redhat jboss Enterprise Application Platform Expansion Pack
Redhat jboss Enterprise Application Platform Redhat process Automation Redhat descision Manager Redhat single Sign-on Redhat |
|
CPE | cpe:2.3:a:redhat:descision_manager:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
11 Mar 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-11 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-0853
Mitre link : CVE-2022-0853
CVE.ORG link : CVE-2022-0853
JSON object : View
Products Affected
redhat
- jboss_enterprise_application_platform_expansion_pack
- single_sign-on
- process_automation
- jboss_enterprise_application_platform
- descision_manager
CWE
CWE-401
Missing Release of Memory after Effective Lifetime