CVE-2014-0086: Remote denial of service via memory exhaustion

March 31, 2014 (updated December 15, 2017)

The doFilter function in webapp/PushHandlerFilter.java this package allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.

References

bugzilla.redhat.com/CVE-2014-0086
issues.jboss.org/browse/RF-13250

Detect and mitigate CVE-2014-0086 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →