A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.jboss.narayana.rts:lra-coordinator-jar(Maven) | 0 | 7.1.0.Final | N/A |
CVSS Metrics
