Description
A flaw was found in Undertow when using Remoting as shipped in Red Hat JBoss EAP before version 7.2.4. A memory leak in HttpOpenListener, caused by holding remote connections indefinitely, may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.