DEBIAN-CVE-2018-1114

DEBIAN-CVE-2018-1114 PUBLISHED CVSS 6.5 MEDIUM

It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.

Risk Scores

CVSS v3.0

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	undertow	0, 1.3.11-1, 1.3.16-1

Timeline

Sep 11, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-1114 advisory

Open in Interactive Console →