CVE-2020-14340

{"id": "CVE-2020-14340", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2021-06-02T13:15:08.083", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final."}, {"lang": "es", "value": "Se detect\u00f3 una vulnerabilidad en XNIO en la que se produce un filtrado de descriptores de archivos causada por el crecimiento de la cantidad de manejadores de archivos NIO Selector entre los ciclos de recolecci\u00f3n de basura. Puede permitir al atacante causar una denegaci\u00f3n de servicio. Afecta a XNIO versiones 3.6.0.Beta1 hasta 3.8.1.Final"}], "lastModified": "2022-07-25T11:35:13.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:xnio:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EE6E12-A43A-4F53-9750-35D8BDF16100", "versionEndExcluding": "3.7.9", "versionStartIncluding": "3.6.1"}, {"criteria": "cpe:2.3:a:redhat:xnio:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5A1F231-972E-455F-8BA0-06627A715061", "versionEndExcluding": "3.8.2", "versionStartIncluding": "3.8.0"}, {"criteria": "cpe:2.3:a:redhat:xnio:3.6.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80259D1A-EC7A-4C72-A193-4E9F594BC1BC"}, {"criteria": "cpe:2.3:a:redhat:xnio:3.6.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2167DBAE-1F20-4B41-8D98-A3FAFDCBB510"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_brms:5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE5157F3-B74D-4066-AB34-8B42BBEB9C7B"}, {"criteria": "cpe:2.3:a:redhat:jboss_brms:6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38DD6591-DB2A-4A1C-800B-D6C32C5D3065"}, {"criteria": "cpe:2.3:a:redhat:jboss_data_grid:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "372F543C-1516-4F17-B4B7-A67B7CAD6966"}, {"criteria": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D"}, {"criteria": "cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB9104FA-3448-43E0-BED9-BAF7D06054E0"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5D7F1AD-4BD3-4C37-B6B5-B287464B2EEB"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D"}, {"criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1"}, {"criteria": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B40CCE4F-EA2C-453D-BB76-6388767E5C6D"}, {"criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C077D692-150C-4AE9-8C0B-7A3EA5EB1100"}, {"criteria": "cpe:2.3:a:redhat:jboss_soa_platform:5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44D5DDAE-5519-4E9D-8DD0-D56E4E034F26"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAAB7154-4DE8-4806-86D0-C1D33B84417B"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E463039-5E48-4AA0-A42B-081053FA0111"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A442DA9E-FF9A-4C51-9D3E-68D09C8BB472"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A276784-877B-4A29-A8F1-70518A438A9A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}