CVE-2024-41172
CVSS v3.1
7.5 (High)
EPSS
0.09 % (39th)
Affected Products
1
Advisories
1
NVD Status
Analyzed
In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory
Weaknesses
- CWE-401
- Missing Release of Memory after Effective Lifetime
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Apache Software Foundation
- Published Date
-
2024-07-19 09:15:05
(2 months ago) - Updated Date
-
2024-08-07 20:16:45
(6 weeks ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...