CVE-2017-12174

Summary

It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

Affected Software

VendorProductVersion RangeStatus
Red Hat, Inc.HornetQ/Artemisbefore 2.4.0affected

Weaknesses

  • CWE-400: CWE-400

ADP Enrichment

CVE Program Container

Additional References

References