Lucene search

Veracode Vulnerability DatabaseVERACODE:22359

HistoryJan 24, 2020 - 12:24 a.m.

Denial Of Service (DoS)

2020-01-2400:24:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

undertow is vulnerable to denial of service (DoS). The vulnerability exists when the Undertow HTTP server is listening on HTTPS.

CPENameOperatorVersion
eap7-jackson-annotationseq2.8.11__1.redhat_1.1.ep7.el7
eap7-jackson-annotationseq2.9.9__1.redhat_00001.1.el6eap
eap7-jackson-annotationseq2.9.8__2.redhat_00004.1.el8eap
eap7-jackson-annotationseq2.8.11__1.redhat_1.1.ep7.el6
eap7-jackson-annotationseq2.9.5__2.redhat_2.1.el7eap
eap7-jackson-annotationseq2.9.5__2.redhat_2.1.el6eap
eap7-jackson-annotationseq2.9.8__2.redhat_00004.1.el6eap
eap7-jackson-annotationseq2.8.9__1.redhat_1.1.ep7.el6
eap7-jackson-annotationseq2.9.9__1.redhat_00001.1.el7eap
eap7-jackson-annotationseq2.5.4__1.redhat_1.1.ep7.el7

Name	Operator	Version
eap7-jackson-annotations	eq	2.8.11__1.redhat_1.1.ep7.el7
eap7-jackson-annotations	eq	2.9.9__1.redhat_00001.1.el6eap
eap7-jackson-annotations	eq	2.9.8__2.redhat_00004.1.el8eap
eap7-jackson-annotations	eq	2.8.11__1.redhat_1.1.ep7.el6
eap7-jackson-annotations	eq	2.9.5__2.redhat_2.1.el7eap
eap7-jackson-annotations	eq	2.9.5__2.redhat_2.1.el6eap
eap7-jackson-annotations	eq	2.9.8__2.redhat_00004.1.el6eap
eap7-jackson-annotations	eq	2.8.9__1.redhat_1.1.ep7.el6
eap7-jackson-annotations	eq	2.9.9__1.redhat_00001.1.el7eap
eap7-jackson-annotations	eq	2.5.4__1.redhat_1.1.ep7.el7

Rows per page:

1-10 of 10341

References

access.redhat.com/errata/RHSA-2020:0161

access.redhat.com/errata/RHSA-2020:0729

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14888

issues.redhat.com/browse/JBEAP-17491

issues.redhat.com/browse/JBEAP-17541

issues.redhat.com/browse/JBEAP-17651

issues.redhat.com/browse/JBEAP-17652

issues.redhat.com/browse/JBEAP-17666

issues.redhat.com/browse/JBEAP-17773

issues.redhat.com/browse/JBEAP-17779

issues.redhat.com/browse/JBEAP-17789

issues.redhat.com/browse/JBEAP-17805

issues.redhat.com/browse/JBEAP-17836

issues.redhat.com/browse/JBEAP-17837

issues.redhat.com/browse/JBEAP-17887

issues.redhat.com/browse/JBEAP-17898

issues.redhat.com/browse/JBEAP-17905

issues.redhat.com/browse/JBEAP-17906

issues.redhat.com/browse/JBEAP-17940

issues.redhat.com/browse/JBEAP-17945

issues.redhat.com/browse/JBEAP-17974

issues.redhat.com/browse/JBEAP-17998

issues.redhat.com/browse/JBEAP-18169

issues.redhat.com/browse/JBEAP-18170

security.netapp.com/advisory/ntap-20220211-0001/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for VERACODE:22359