Hi,

The memory leak described in sonatype-2021-4292 was fixed a long time ago, but could you provide more details about the affected versions and specific lines of code?

Mon, 25 Aug 2025 at 16:39, João Lola <[email protected]>:
>
> Hello,
>
> I am currently analyzing my security reports for my Apache Ignite 2.17
> application and I got notified of these security vulnerabilities in said
> reports:
>
> sonatype-2021-4292 category 9 threat:
>
> > The ignite-core package is vulnerable to Memory Leak. The readFrom()
> > method in the ClientMessage class prematurely allocates a buffer before
> > validating the size in the handshake's header and fails to release the
> > reserved space when the header is invalid. This causes the system to
> > eventually run out of memory. A remote attacker can exploit this
> > vulnerability by sending several malformed messages to initiate connections
> > provoking a Denial of Service (DoS) condition in the server.
> >
> > Advisory Deviation Notice: The Sonatype security research team
> > discovered that the read() method in the GridNioServerBuffer class, also has
> > the vulnerable portion of code in it and was not taken into account in
> > the fix.
>
> sonatype-2022-5219 category 7 threat:
>
> > The ignite-core package is vulnerable to Regular Expression Denial of
> > Service (ReDoS) attacks. The translateSqlWildcardsToRegex method in the
> > SqlListenerUtils class uses an unsafe regular expression to parse table
> > names and replace wildcard patterns within SQL queries processed with
> > Ignite's JDBC driver. An attacker with the ability to influence table
> > names passed to function calls via the JDBC driver may exploit this
> > vulnerability to exhaust system resources. This will result in a DoS
> > condition.
>
> Are you guys aware of these vulnerabilities? Because these sonatype-type
> warnings are usually ignored or dismissed.
>
> Do they represent a possible weakness? Or should I discard them, because it's
> a false positive scenario?
>
> Best Regards,
> João Lola
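
For readers checking whether a given code path matches the pattern the quoted sonatype-2021-4292 text describes, the following is an added illustration, not part of either message and not Apache Ignite code: a length-prefixed reader that validates the declared size before allocating and keeps nothing reserved when the header is invalid. The class name, the 4-byte header layout and the 1024-byte cap are assumptions made for this sketch.

```java
import java.nio.ByteBuffer;

/** Illustrative length-prefixed frame reader; NOT Apache Ignite code. */
public class BoundedFrameReader {
    private static final int HDR_LEN = 4;               // assumed 4-byte big-endian length prefix
    private static final int MAX_HANDSHAKE_LEN = 1024;  // assumed cap, chosen for this sketch

    private final ByteBuffer hdr = ByteBuffer.allocate(HDR_LEN);
    private ByteBuffer body; // allocated only after the declared size passes validation

    /** Feeds bytes; returns the complete body, or null if more input is needed. */
    public byte[] readFrom(ByteBuffer in) {
        if (body == null) {
            while (hdr.hasRemaining() && in.hasRemaining())
                hdr.put(in.get());
            if (hdr.hasRemaining())
                return null; // header incomplete, nothing allocated yet

            int declared = hdr.getInt(0);
            if (declared <= 0 || declared > MAX_HANDSHAKE_LEN) {
                hdr.clear(); // reset state so nothing stays reserved for a bad peer
                throw new IllegalArgumentException("Invalid handshake size: " + declared);
            }
            body = ByteBuffer.allocate(declared); // size is now bounded
        }
        while (body.hasRemaining() && in.hasRemaining())
            body.put(in.get());
        if (body.hasRemaining())
            return null; // body incomplete, wait for more bytes

        byte[] msg = body.array();
        body = null;
        hdr.clear();
        return msg;
    }

    public static void main(String[] args) {
        BoundedFrameReader r = new BoundedFrameReader();
        // Constructed input: header declares 3 bytes, followed by the body.
        byte[] ok = r.readFrom(ByteBuffer.wrap(new byte[] {0, 0, 0, 3, 1, 2, 3}));
        System.out.println("accepted body length: " + ok.length);
        try {
            // Constructed input: header declares Integer.MAX_VALUE bytes.
            r.readFrom(ByteBuffer.wrap(new byte[] {0x7f, (byte) 0xff, (byte) 0xff, (byte) 0xff}));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The caller is expected to close the connection when the exception is thrown, so the reader instance itself becomes unreachable along with its header buffer.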
