XNIO prior to 3.7.9.Final and 3.8.0.Final through 3.8.1.Final has a file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. This may allow an attacker to cause a denial of service.
MEDIUM Vulnerable Package issue exists @ org.jboss.xnio:xnio-nio in branch refs/heads/master
Description
XNIO prior to 3.7.9.Final and 3.8.0.Final through 3.8.1.Final has a file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. This may allow an attacker to cause a denial of service.
MEDIUM Vulnerable Package issue exists @ org.jboss.xnio:xnio-nio in branch refs/heads/master
Vulnerability ID: CVE-2020-14340
Package Name: org.jboss.xnio:xnio-nio
Severity: MEDIUM
CVSS Score: 5.9
Publish Date: 2020-07-24T09:52:00
Current Package Version: 3.3.8.Final
Remediation Upgrade Recommendation: 3.7.9.Final
Link To SCA
Reference – NVD link