{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T23:21:25.861","vulnerabilities":[{"cve":{"id":"CVE-2020-14384","sourceIdentifier":"secalert@redhat.com","published":"2020-09-09T14:15:12.397","lastModified":"2024-11-21T05:03:08.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability."},{"lang":"es","value":"Se encontró un fallo en JBossWeb en versiones anteriores a 7.5.31.Final-redhat-3. La corrección para CVE-2020-13935 estaba incompleta en JBossWeb, dejándolo vulnerable a un ataque de denegación de servicio cuando se envían múltiples peticiones con una longitud de carga útil no válida en una trama WebSocket. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jbossweb:*:*:*:*:*:*:*:*","versionEndExcluding":"7.5.31.final-redhat-3","matchCriteriaId":"F499B38F-82F7-4BAF-9221-39FBA20FC64A"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875176","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875176","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}