WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)

Description

A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.

Remediation

References

Related Vulnerabilities

PHP CVE-2012-2688 Vulnerability (CVE-2012-2688)

PHP Numeric Errors Vulnerability (CVE-2007-3996)

WordPress Plugin amtyThumb posts Cross-Site Scripting (8.1.3)

WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)

WordPress Plugin Simplelife Cross-Site Request Forgery (1.2)

Severity

High

Classification

CVE-2020-14384 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities