Page 2 of 22 results (0.014 seconds)

CVSS: 7.5EPSS: 14%CPEs: 74EXPL: 2

CVE-2020-13935 – tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS

https://notcve.org/view.php?id=CVE-2020-13935

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. La longitud de la carga útil en una trama de WebSocket no fue comprobada correctamente en Apache Tomcat versiones 10.0.0-M1 hasta 10.0.0-M6, versiones 9.0.0.M1 hasta 9.0.36, versiones 8.5.0 hasta 8.5.56 y versiones 7.0.27 hasta 7.0. 104. Las longitudes de carga útil no válidas podrían desencadenar un bucle infinito. • https://github.com/RedTeamPentesting/CVE-2020-13935 https://github.com/aabbcc19191/CVE-2020-13935 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html https://kc.mcafee.com/corporate/index?page=content&id=SB10332 https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50%40%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce& • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.5EPSS: 91%CPEs: 54EXPL: 0

CVE-2020-13934 – tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS

https://notcve.org/view.php?id=CVE-2020-13934

An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. Una conexión directa h2c a Apache Tomcat versiones 10.0.0-M1 hasta 10.0.0-M6, versiones 9.0.0.M5 hasta 9.0.36 y versiones 8.5.1 hasta 8.5.56, no publicó el procesador HTTP/1.1 después de la actualización a HTTP/2. Si un número suficiente de tales peticiones fueron hechas, podría ocurrir una OutOfMemoryException conllevando a una denegación de servicio A flaw was found in Apache Tomcat, where an h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests are made, an OutOfMemoryException could occur, leading to a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8%40%3Cdev.tomcat.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html https://security.netapp.com/advisory/ntap-20200724-0003 https://usn • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 1

CVE-2020-11996 – tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS

https://notcve.org/view.php?id=CVE-2020-11996

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. Una secuencia especialmente diseñada de peticiones HTTP/2 enviadas a Apache Tomcat versiones 10.0.0-M1 hasta 10.0.0-M5, versiones 9.0.0.M1 hasta 9.0.35 y versiones 8.5.0 hasta 8.5.55, podría desencadenar un uso elevado de la CPU por varios segundos. Si se hacen una cantidad suficiente de tales peticiones en conexiones HTTP/2 concurrentes, el servidor podría dejar de responder • https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79%40%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd%40%3Cnotifications.ofbiz.apache.org%3E https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2b • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 2

CVE-2020-7656 – jquery: Cross-site scripting (XSS) via <script> HTML tags containing whitespaces

https://notcve.org/view.php?id=CVE-2020-7656

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed. jquery versiones anteriores a 1.9.0, permite ataques de tipo Cross-site Scripting por medio del método de carga. El método de carga presenta un fallo al reconocer y eliminar las etiquetas HTML "(script)" que contienen un carácter de espacio en blanco, es decir: "(/script )", lo cual resulta en que la lógica de script adjunta sea ejecutada. A flaw was found in jquery in versions prior to 1.9.0. A cross-site scripting attack is possible as the load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character which results in the enclosed script logic to be executed. • https://github.com/ossf-cve-benchmark/CVE-2020-7656 https://security.netapp.com/advisory/ntap-20200528-0001 https://snyk.io/vuln/SNYK-JS-JQUERY-569619 https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1?language=en_US https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2020-7656 https://bugzilla.redhat.com/show_bug.cgi?id=1850119 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.9EPSS: 2%CPEs: 81EXPL: 5

CVE-2020-11023 – Potential XSS vulnerability in jQuery

https://notcve.org/view.php?id=CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. En jQuery versiones mayores o iguales a 1.0.3 y anteriores a la versión 3.5.0, passing HTML contiene elementos de fuentes no seguras – incluso después de sanearlo – para uno de los métodos de manipulación de jQuery ´s DOM ( i.e. html t(), adjunto (), y otros ) podrían ejecutar códigos no seguros. Este problema está corregido en JQuery 3.5.0. A flaw was found in jQuery. • https://www.exploit-db.com/exploits/49767 https://github.com/0xAJ2K/CVE-2020-11022-CVE-2020-11023 https://github.com/Cybernegro/CVE-2020-11023 https://github.com/Snorlyd/https-nj.gov---CVE-2020-11023 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •