CVE-2017-12174
published 2018-03-07CVE-2017-12174: It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | activemq_artemis | < 2.4.0 | 2.4.0 |
| red_hat_inc | hornetq_artemis | — | — |
| redhat | hornetq | < 2.4.0 | 2.4.0 |
| redhat | jboss_enterprise_application_platform | — | — |
| redhat | jboss_enterprise_application_platform | — | — |
| redhat | jboss_enterprise_application_platform | — | — |