Lucene search
RedhatCVELIST:CVE-2020-35510HistoryJun 02, 2021 - 1:22 p.m.
CVE-2020-35510
2021-06-0213:22:16
CWE-400
redhat
www.cve.org
10
jboss-remoting
denial of service
ejb server
vulnerability
system availability
A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redhat-00001. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CNA Affected
[
{
"product": "jboss-remoting",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "jboss-remoting 5.0.20.SP1-redhat-00001"
}
]
}
]Related
osv
osv
CVE-2020-35510
2021-06-02 14:15:09
Uncontrolled Resource Consumption in jboss-remoting
2022-03-18 17:58:30
cve
cve
CVE-2020-35510
2021-06-02 14:15:09
github
github
Uncontrolled Resource Consumption in jboss-remoting
2022-03-18 17:58:30
redhatcve
redhatcve
CVE-2020-35510
2021-01-05 22:30:36
prion
prion
Input validation
2021-06-02 14:15:00
nvd
nvd
CVE-2020-35510
2021-06-02 14:15:09
veracode
veracode
Denial Of Service (DoS)
2021-12-27 00:41:18
redhat
redhat
nessus
nessus