Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-6578

[CVE-2023-3171] WildFly heap exhaustion via deserialization

    XMLWordPrintable

Details

    Description

      Permitting  deserialization of certain classes like HashMap and HashTable could eventually exhaust the heap. An attacker could use this to conduct a Denial of Service attack targeting these classes. 

       

      Please refer to JBEAP-24964 for more details.

       

      Attachments

        Activity

          People

            rhn-engineering-lgao Lin Gao
            rhn-engineering-lgao Lin Gao
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: