Fix CWE-401: Ignite - Memory Leak
Article ID: KB0071461
Updated On:
| Products | Versions |
|---|---|
| TIBCO BusinessEvents Enterprise Edition | 6.2.1 |
Description
The vulnerability scans can find a Memory leak related to Ignite, as shown in the example obtained from Dynatrace tool:
- Vulnerability CWE-401: Ignite - Memory Leak
BE 6.2.1 is delivered with Ignite 2.11 which is affected by the vulnerability.
Environment
All
Resolution
CWE-401: Ignite - Memory Leak Issue has been fixed in Ignite version 2.13.
BE 6.2.2 version uses Ignite 2.13, upgrade to BE 6.2.2 to mitigate the issue.
Issue/Introduction
This article explains how to solve vulnerability CWE-401 Ignite - Memory Leak
Additional Information
https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIGNITE-2308111
https://www.cvedetails.com/cwe-details/401/Failure-to-Release-Memory-Before-Removing-Last-Reference-.html
https://www.cvedetails.com/cwe-details/401/Failure-to-Release-Memory-Before-Removing-Last-Reference-.html
Feedback
Yes
No
Powered by
