PT-2022-12968 · Xnio+1
Orangedog · Published 2022-08-26 · Updated 2026-01-09 · CVE-2022-0084
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
XNIO versions prior to 3.x
Description
A flaw was found in XNIO, specifically in the notifyReadClosed method, which was logging a message to another expected end. This issue allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
Recommendations
For versions prior to 3.x, update to the 3.x branch of the repository to resolve the issue. As a temporary workaround, consider disabling the notifyReadClosed method until a patch is available. Restrict access to the affected logging functionality to minimize the risk of exploitation.
Fix
Allocation of Resources Without Limits
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Xnio