Dev - Nexus Repo / NEXUS-25736

Specially crafted inbound repository URLs can lead to outbound HTTP connection pool starvation

    Details

    • Release Note:
      Yes
    • Notability:
      2

      Description

      Specially crafted inbound HTTP requests to a repository can trigger outbound proxy repository org.apache.http.conn.ConnectionPoolTimeoutException: Timeout waiting for connection from pool checking remote for update messages. The result is that, since no new outbound HTTP connections can be retrieved from the outbound connection pool, no repository-related outbound HTTP connections can be made for new or updated content.

      Mitigation

      NXRM admins should restart NXRM to mitigate the immediate pool leak.

      If you are a paid customer, contact Sonatype Support for help identifying the problematic requests that can trigger the leak.
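
One way to notice the leak from the log before a restart becomes urgent, as an added example that is not Sonatype's code: it counts the ConnectionPoolTimeoutException message quoted in the description inside a sliding time window. The timestamp prefix, threshold, window size and sample log lines are assumptions constructed for illustration, and lines are assumed to be in chronological order.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Exception text quoted in the issue description.
SIGNATURE = (
    "org.apache.http.conn.ConnectionPoolTimeoutException: "
    "Timeout waiting for connection from pool"
)
# Assumption: lines start with "YYYY-MM-DD HH:MM:SS,mmm"; adjust to your log pattern.
TS_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d{3}")


def pool_timeouts(lines):
    """Yield the timestamp of every line carrying the pool-timeout signature."""
    for line in lines:
        if SIGNATURE not in line:
            continue
        m = TS_RE.match(line)
        if m:
            yield datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")


def first_sustained_starvation(lines, threshold=3, window=timedelta(minutes=5)):
    """Return when `threshold` timeouts first fall inside one window, else None."""
    recent = deque()
    for ts in pool_timeouts(lines):
        recent.append(ts)
        while ts - recent[0] > window:  # drop events older than the window
            recent.popleft()
        if len(recent) >= threshold:  # one timeout may be a spike; a run suggests a leak
            return ts
    return None


# Constructed sample log lines (logger and thread names are placeholders).
SAMPLE_LOG = [
    "2021-01-01 10:00:01,100+0000 INFO  [t-1] example.repo - Repository created",
    "2021-01-01 10:02:00,000+0000 WARN  [t-2] example.proxy - Exception " + SIGNATURE + " checking remote for update",
    "2021-01-01 10:30:00,000+0000 WARN  [t-3] example.proxy - Exception " + SIGNATURE + " checking remote for update",
    "2021-01-01 10:30:40,000+0000 INFO  [t-4] example.repo - Served cached asset",
    "2021-01-01 10:31:10,000+0000 WARN  [t-5] example.proxy - Exception " + SIGNATURE + " checking remote for update",
    "2021-01-01 10:31:30,000+0000 WARN  [t-6] example.proxy - Exception " + SIGNATURE + " checking remote for update",
]

if __name__ == "__main__":
    print("sustained pool starvation first seen at:", first_sustained_starvation(SAMPLE_LOG))
```

The isolated timeout at 10:02 does not trigger the check; the run starting at 10:30 does.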


              People

              Assignee:
              mallen Mick Allen
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Hajime Osako
              Team:
              NXRM - Groot