A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Descision_manager | Redhat | 7.0 (including) | 7.0 (including) |
Jboss_enterprise_application_platform | Redhat | 7.0.0 (including) | 7.0.0 (including) |
Jboss_enterprise_application_platform_expansion_pack | Redhat | - (including) | - (including) |
Process_automation | Redhat | 7.0 (including) | 7.0 (including) |
Single_sign-on | Redhat | 7.0 (including) | 7.0 (including) |
Red Hat JBoss Enterprise Application Platform 7 | RedHat | jboss-client | * |
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 | RedHat | eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el8eap | * |
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 | RedHat | eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap | * |
Red Hat Single Sign-On 7.6.1 | RedHat | * | |
Red Hat Single Sign-On 7.6 for RHEL 7 | RedHat | rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el7sso | * |
Red Hat Single Sign-On 7.6 for RHEL 8 | RedHat | rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el8sso | * |
Red Hat Single Sign-On 7.6 for RHEL 9 | RedHat | rh-sso7-0:1-5.el9sso | * |
Red Hat Single Sign-On 7.6 for RHEL 9 | RedHat | rh-sso7-javapackages-tools-0:6.0.0-7.el9sso | * |
Red Hat Single Sign-On 7.6 for RHEL 9 | RedHat | rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el9sso | * |