Showing 1 - 9 of 9

CVE-2020-27223

Status Candidate

Overview

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.

Related Files

Red Hat Security Advisory 2022-6407-01: Posted Sep 9, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6407-01 - A minor version update is now available for Red Hat Camel K that includes CVE fixes in the base images, which are documented in the Release Notes document linked in the References section. Issues addressed include denial of service, information leakage, integer overflow, and resource exhaustion vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2020-27223, CVE-2020-36518, CVE-2020-9492, CVE-2021-20289, CVE-2021-22132, CVE-2021-22137, CVE-2021-2471, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-3520, CVE-2021-3629, CVE-2021-37714, CVE-2021-38153; SHA-256 | cc86bb2ed063a9b8609ef6960b486d0a7bff3be7ef9e7f5716ccc3523480f3ed; Download | Favorite | View

Red Hat Security Advisory 2021-5134-05: Posted Dec 15, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-5134-05 - This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, information leakage, memory leak, privilege escalation, server-side request forgery, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, memory leak; systems | linux, redhat; advisories | CVE-2019-10744, CVE-2019-12415, CVE-2020-11987, CVE-2020-11988, CVE-2020-13943, CVE-2020-13949, CVE-2020-15522, CVE-2020-17521, CVE-2020-17527, CVE-2020-26217, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-27782, CVE-2020-28491, CVE-2020-2875, CVE-2020-2934, CVE-2020-35510, CVE-2020-9488, CVE-2021-20218, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344; SHA-256 | 9284d27525337878d1b616a42ec6964f345739a90a655ed05cfae5b196bdeacd; Download | Favorite | View

Red Hat Security Advisory 2021-4767-01: Posted Nov 23, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4767-01 - This release of Red Hat Integration - Camel Extensions for Quarkus - 2.2 GA serves as a replacement for tech-preview 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, deserialization, information leakage, resource exhaustion, and server-side request forgery vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2020-13936, CVE-2020-14326, CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-28052, CVE-2020-28491, CVE-2021-20289, CVE-2021-20328, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165; SHA-256 | 9dff15e298c722ad84d5f39cb4d850c04124d91986161bb1afd605f4e69d1c9d; Download | Favorite | View

Red Hat Security Advisory 2021-3700-01: Posted Sep 30, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3700-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red Hat AMQ Broker 7.8.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include bypass, denial of service, information leakage, resource exhaustion, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2020-13956, CVE-2020-27223, CVE-2021-20289, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28169, CVE-2021-29425, CVE-2021-3425, CVE-2021-34428, CVE-2021-34429, CVE-2021-3763; SHA-256 | a8a12dcc50fccbe685347bca1c58d45fbfe797cf6ab2e35bef81923f2d3fef9b; Download | Favorite | View

Debian Security Advisory 4949-1: Posted Aug 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4949-1 - Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in cross-site scripting, information disclosure, privilege escalation or denial of service.; tags | advisory, java, denial of service, vulnerability, xss, info disclosure; systems | linux, debian; advisories | CVE-2019-10241, CVE-2019-10247, CVE-2020-27216, CVE-2020-27223, CVE-2020-28165, CVE-2020-28169, CVE-2021-34428; SHA-256 | 36aa94d69a18cbcbfbe8632d49d6587502da2bc7f601b1dddaab1fd811d2bbcd; Download | Favorite | View

Red Hat Security Advisory 2021-2689-01: Posted Jul 13, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2689-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.2 serves as a replacement for Red Hat AMQ Broker 7.8.1, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service, information leakage, and resource exhaustion vulnerabilities.; tags | advisory, denial of service, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2020-27223, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-3425; SHA-256 | 797ae866913245376a53ab9b2027c144a57e156f08fb0901e02b9cb20c189fda; Download | Favorite | View

Red Hat Security Advisory 2021-2431-01: Posted Jul 2, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2431-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.41. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645; SHA-256 | 8320ca0fbf52a821c1d861f06d563f78252ebe92f38a8903490a83a5c335a58f; Download | Favorite | View

Red Hat Security Advisory 2021-2517-01: Posted Jul 1, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2517-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.462. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645; SHA-256 | f0cc7cc7453112310b6e9a4cfd6847dd90f4a89758cd89cba7b0719660010c0b; Download | Favorite | View

Red Hat Security Advisory 2021-2499-01: Posted Jun 29, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2499-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.36. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223; SHA-256 | fc33e3ccc5d69dcd993e15c937230658440ccc17e77d1efce3da137b504799bc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 290 files
Ubuntu 63 files
Debian 20 files
Gentoo 8 files
Apple 6 files
LiquidWorm 4 files
Google Security Research 4 files
Alter Prime 3 files
Spencer McIntyre 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2020-27223

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems