github-actions[bot]
commented
4 days ago Issue still exists.
Open github-actions[bot] opened 1 month ago
github-actions[bot]
commented
4 days ago Issue still exists.
Description
A flaw was found in XNIO versions prior to 3.8.8.Final, specifically in the "notifyReadClosed" method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
HIGH Vulnerable Package issue exists @ org.jboss.xnio:xnio-api in branch refs/heads/master
Vulnerability ID: CVE-2022-0084
Package Name: org.jboss.xnio:xnio-api
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2022-08-26T05:53:00
Current Package Version: 3.3.8.Final
Remediation Upgrade Recommendation: 3.5.10.Final
Link To SCA
Reference – NVD link