{ "id": "CVE-2014-0193", "sourceIdentifier": "secalert@redhat.com", "published": "2014-05-06T14:55:05.667", "lastModified": "2023-02-13T00:36:16.470", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames." }, { "lang": "es", "value": "WebSocket08FrameDecoder en Netty 3.6.x anterior a 3.6.9, 3.7.x anterior a 3.7.1, 3.8.x anterior a 3.8.2, 3.9.x anterior a 3.9.1 y 4.0.x anterior a 4.0.19 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un TextWebSocketFrame seguido por una cadena larga de ContinuationWebSocketFrames." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-399" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F3EEBC0F-815E-4F66-B9B4-1256AAAB03A7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "140919D1-2868-4F11-8421-5CA35A3FFCA0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "28C7EA90-B934-438B-9705-5B53B0F3D09C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6C1DCF99-CBB1-4FD2-B073-B91A2DD27290" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "E4EA1D52-61D5-4448-BA64-0D9A8FFFE173" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2CFB08C8-9021-4C26-B8B8-A2C07EB4BB83" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "C3707350-D658-485E-A136-04AF3ED7AF4E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "8D4831E7-1F30-4AEA-82D8-E703701DC8B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "7CE508BE-00C4-4304-BA92-063129C2B6E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3876968E-7B85-4149-BF6B-488D32A7B2B7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C365439-029C-4F5F-ADB2-0153DD4965B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "CAECE2B6-DD9F-4FEC-B15F-EA99BF716390" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:3.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9879F5B0-DF82-470F-A028-1B69BFB67FB9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "069A7F48-DDF9-4C29-829F-63480AC8252A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1657CCDD-547C-462F-84A6-5C7897A0DE3D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "48DEF144-095B-4A16-B1A0-540FFCB0571D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "34811757-A83B-4177-B256-17C75669CB4F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2F0B1676-F16F-49CB-A1D2-961236B29FB5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D5B2C70-1CA5-4285-B85A-C01A1F0D256F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4223B041-EA1F-4EF5-9C56-93B47426D634" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CC66E4C-0291-4F01-B6FF-1E6ABFFE3DD3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "3FF070FD-09A2-453C-ABB0-57806785AC0B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "2DB8331D-6E3B-419A-A5D1-7FCA56B01D9B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A78B72B6-389E-4EE4-86D4-9C8499BAF7CD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "79C9F0BF-82E7-4E8D-81E0-8BE38AC892FE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "638159B5-DCB2-48F2-B98C-D02AA4B55567" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "8DD72B11-80BE-4EE8-8350-E84A4DE19A14" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "938E8F20-809C-41CF-90B3-16C4FA22BE7D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "7ECC0699-8544-4D5E-ACF9-C09A5EF7C6A4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "3947E2CD-9E5C-4D8F-970E-9AFCEBB9BEA6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "D14F96ED-9B74-446A-BDAA-37DA46BF1C52" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netty:netty:4.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "490A338C-50BB-4292-B3E3-EBCB4D2A89F6" } ] } ] } ], "references": [ { "url": "http://netty.io/news/2014/04/30/release-day.html", "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html", "source": "secalert@redhat.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html", "source": "secalert@redhat.com" }, { "url": "http://secunia.com/advisories/59290", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/bid/67182", "source": "secalert@redhat.com" }, { "url": "https://github.com/netty/netty/issues/2441", "source": "secalert@redhat.com" }, { "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E", "source": "secalert@redhat.com" }, { "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html", "source": "secalert@redhat.com" } ] }