VYPR
Medium severity5.9GHSA Advisory· Published Jan 2, 2025· Updated Apr 15, 2026

CVE-2024-8447

CVE-2024-8447

Description

A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jboss.narayana.rts:lra-coordinator-jarMaven
< 7.1.0.Final7.1.0.Final

Affected products

2

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.