redhat xnio CVE-2020-14340 in Red Hat and Oracle Products
Published on June 2, 2021

product logo product logo
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.

NVD

Weakness Type

What is a Resource Exhaustion Vulnerability?

The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CVE-2020-14340 has been classified to as a Resource Exhaustion vulnerability or weakness.


Products Associated with CVE-2020-14340

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-14340 are published in these products:

Red Hat Xnio
 
Red Hat Jboss Brms
 
Red Hat Jboss Data Grid
 
Red Hat Jboss Data Virtualization
 
Red Hat Jboss Enterprise Application Platform
 
Red Hat Jboss Fuse
 
Red Hat Jboss Operations Network
 
Red Hat Jboss Soa Platform
 
Oracle Communications Cloud Native Core Network Repository Function
 
Oracle Communications Cloud Native Core Security Edge Protection Proxy
 
Oracle Communications Cloud Native Core Service Communication Proxy
 
Oracle Communications Cloud Native Core Unified Data Repository
 
Oracle Communications Cloud Native Core Policy
 
Oracle Communications Cloud Native Core Console
 

Exploit Probability

EPSS
0.33%
Percentile
55.55%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.