Hello, I am currently analyzing my security reports for my Apache Ignite 2.17 application and I was notified of these security vulnerabilities in said reports:
* sonatype-2021-4292 category 9 threat: The ignite-core package is vulnerable to Memory Leak. The readFrom() method in the ClientMessage class prematurely allocates a buffer before validating the size in the handshake's header and fails to release the reserved space when the header is invalid. This causes the system to eventually run out of memory. A remote attacker can exploit this vulnerability by sending several malformed messages to initiate connections provoking a Denial of Service (DoS) condition in the server. Advisory Deviation Notice: The Sonatype security research team discovered that the read() method in the GridNioServerBuffer class, also has the vulnerable portion of code in it and was not taken into account in the fix.
* sonatype-2022-5219 category 7 threat: The ignite-core package is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. The translateSqlWildcardsToRegex method in the SqlListenerUtils class uses an unsafe regular expression to parse table names and replace wildcard patterns within SQL queries processed with Ignite's JDBC driver. An attacker with the ability to influence table names passed to function calls via the JDBC driver may exploit this vulnerability to exhaust system resources. This will result in a DoS condition.

Are you guys aware of these vulnerabilities? Because these sonatype-type warnings are usually ignored or dismissed. Do they represent a possible weakness? Or should I discard them, because it's a false positive scenario?

Best regards,
João Lola
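
The first advisory quoted above describes a buffer that is allocated before the size in the handshake header is validated. As an added illustration (not part of the original message and not Ignite's code), the Java sketch below shows the validate-then-allocate order for a length-prefixed handshake. The class name `BoundedFrameReader`, the 64 KiB cap and the 4-byte little-endian length prefix are assumptions of the example.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

/** Illustrative only: hypothetical names, not Ignite's ClientMessage. */
public class BoundedFrameReader {
    /** Assumed cap for a handshake payload; choose one that fits your protocol. */
    static final int MAX_HANDSHAKE_SIZE = 64 * 1024;

    private final ByteBuffer hdr = ByteBuffer.allocate(4).order(ByteOrder.LITTLE_ENDIAN);
    private byte[] payload;   // allocated only after the header has been validated
    private int received;

    /** Feeds one network chunk; returns the full payload, or null if more bytes are needed. */
    public byte[] readFrom(ByteBuffer in) {
        if (payload == null) {
            while (hdr.hasRemaining() && in.hasRemaining())
                hdr.put(in.get());
            if (hdr.hasRemaining()) return null;   // header still incomplete
            int size = hdr.getInt(0);
            if (size <= 0 || size > MAX_HANDSHAKE_SIZE) {
                reset();                           // nothing was reserved, nothing can leak
                throw new IllegalArgumentException("Invalid handshake size: " + size);
            }
            payload = new byte[size];              // allocation happens after the check
        }
        int n = Math.min(in.remaining(), payload.length - received);
        in.get(payload, received, n);
        received += n;
        if (received < payload.length) return null; // payload still incomplete
        byte[] done = payload;
        reset();
        return done;
    }

    /** Drops all per-message state so a rejected or finished message holds no memory. */
    private void reset() {
        hdr.clear();
        payload = null;
        received = 0;
    }

    public static void main(String[] args) {
        BoundedFrameReader r = new BoundedFrameReader();
        // Constructed sample: header declares 3 bytes, followed by the payload.
        ByteBuffer ok = ByteBuffer.wrap(new byte[] {3, 0, 0, 0, 'a', 'b', 'c'});
        System.out.println(new String(r.readFrom(ok)));
        // Constructed sample: header declares about 2 GiB; rejected before any allocation.
        ByteBuffer bad = ByteBuffer.wrap(new byte[] {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 0x7F});
        try { r.readFrom(bad); } catch (IllegalArgumentException e) { System.out.println(e.getMessage()); }
    }
}
```

In a real server the caller would also close the connection when the exception is thrown, so per-connection state is released along with the reader.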