mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
255 lines
8.6 KiB
JSON
255 lines
8.6 KiB
JSON
{
|
|
"id": "CVE-2020-14340",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2021-06-02T13:15:08.083",
|
|
"lastModified": "2022-07-25T11:35:13.533",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se detect\u00f3 una vulnerabilidad en XNIO en la que se produce un filtrado de descriptores de archivos causada por el crecimiento de la cantidad de manejadores de archivos NIO Selector entre los ciclos de recolecci\u00f3n de basura. Puede permitir al atacante causar una denegaci\u00f3n de servicio. Afecta a XNIO versiones 3.6.0.Beta1 hasta 3.8.1.Final"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 5.9,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 2.2,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "secalert@redhat.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:xnio:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "3.6.1",
|
|
"versionEndExcluding": "3.7.9",
|
|
"matchCriteriaId": "51EE6E12-A43A-4F53-9750-35D8BDF16100"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:xnio:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "3.8.0",
|
|
"versionEndExcluding": "3.8.2",
|
|
"matchCriteriaId": "F5A1F231-972E-455F-8BA0-06627A715061"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:xnio:3.6.0:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80259D1A-EC7A-4C72-A193-4E9F594BC1BC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:xnio:3.6.0:beta2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2167DBAE-1F20-4B41-8D98-A3FAFDCBB510"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_brms:5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BE5157F3-B74D-4066-AB34-8B42BBEB9C7B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_brms:6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38DD6591-DB2A-4A1C-800B-D6C32C5D3065"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_data_grid:6.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "372F543C-1516-4F17-B4B7-A67B7CAD6966"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AB9104FA-3448-43E0-BED9-BAF7D06054E0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F5D7F1AD-4BD3-4C37-B6B5-B287464B2EEB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B40CCE4F-EA2C-453D-BB76-6388767E5C6D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C077D692-150C-4AE9-8C0B-7A3EA5EB1100"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:jboss_soa_platform:5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44D5DDAE-5519-4E9D-8DD0-D56E4E034F26"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DAAB7154-4DE8-4806-86D0-C1D33B84417B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8E463039-5E48-4AA0-A42B-081053FA0111"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.15.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A442DA9E-FF9A-4C51-9D3E-68D09C8BB472"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5A276784-877B-4A29-A8F1-70518A438A9A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Issue Tracking",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpujan2022.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |