vulnerability
Red Hat JBoss EAP: CVE-2018-1114: Uncontrolled Resource Consumption
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Apr 21, 2018 | Sep 19, 2024 | Jul 2, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Apr 21, 2018
Added
Sep 19, 2024
Modified
Jul 2, 2025
Description
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.. It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
Solution
red-hat-jboss-eap-upgrade-latest
References
- CWE-400
- CVE-2018-1114
- https://attackerkb.com/topics/CVE-2018-1114
- URL-https://access.redhat.com/security/cve/CVE-2018-1114
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=1573045
- URL-https://bugs.openjdk.java.net/browse/JDK-6956385
- URL-https://issues.jboss.org/browse/UNDERTOW-1338
- URL-https://access.redhat.com/errata/RHSA-2018:2088
- URL-https://access.redhat.com/errata/RHSA-2018:2089
- URL-https://access.redhat.com/errata/RHSA-2018:2090
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.