CVE-2020-14384
N/A
N/A
Summary
A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | JBossWeb | JBossWeb versions before 7.5.31.Final-redhat-3 | affected |
Weaknesses
- CWE-400: CWE-400
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.