Fix CWE-401: Ignite - Memory Leak
book
Article ID: KB0071461
calendar_today
Updated On:
TIBCO BusinessEvents Enterprise Edition
|
6.2.1
|
Description
The vulnerability scans can find a Memory leak related to Ignite, as shown in the example obtained from Dynatrace tool:
- Vulnerability CWE-401: Ignite - Memory Leak
BE 6.2.1 is delivered with Ignite 2.11 which is affected by the vulnerability.
Resolution
CWE-401: Ignite - Memory Leak Issue has been fixed in Ignite version 2.13.
BE 6.2.2 version uses Ignite 2.13, upgrade to BE 6.2.2 to mitigate the issue.
Issue/Introduction
This article explains how to solve vulnerability CWE-401 Ignite - Memory Leak
Additional Information
https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIGNITE-2308111
https://www.cvedetails.com/cwe-details/401/Failure-to-Release-Memory-Before-Removing-Last-Reference-.html
Feedback
thumb_up
Yes
thumb_down
No