diff options
| -rw-r--r-- | security/vuxml/vuln.xml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index d93172820c69..f806404775ca 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -87,6 +87,9 @@ Notes: <p>The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.</p> + <p>A specially crafted sequence of HTTP/2 requests could trigger high CPU + usage for several seconds. If a sufficient number of such requests were + +made on concurrent HTTP/2 connections, the server could become unresponsive.</p> </body> </description> <references> @@ -94,12 +97,14 @@ Notes: <url>https://tomcat.apache.org/security-8.html</url> <url>https://tomcat.apache.org/security-9.html</url> <url>https://tomcat.apache.org/security-10.html</url> + <cvename>CVE-2020-11996</cvename> <cvename>CVE-2020-13934</cvename> <cvename>CVE-2020-13935</cvename> </references> <dates> <discovery>2020-07-05</discovery> <entry>2020-07-23</entry> + <modified>2020-07-23</modified> </dates> </vuln> |