RHSA-2020:3197
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Process Automation 7 | |
Exploit Intelligence
- quartz with CVE-2019-13990 (github-poc-repo)
- dpredrag/CVE-2020-8840 (github-poc-repo)
- Derived from jackson-CVE-2020-8840; requires autotype to be enabled (github-poc-repo)
- CVE-2020-10673:jackson-databind RCE (github-poc-repo)
- CVE-2020-11113:Jackson-databind RCE (github-poc-repo)
- CVE-2020-9548: FasterXML/jackson-databind remote code execution vulnerability (github-poc)
- CVE-2020-9547: FasterXML/jackson-databind remote code execution vulnerability (github-poc)
- dpredrag/CVE-2020-8840 (github-poc)
- Jackson-databind remote code execution vulnerability (CVE-2020-8840): analysis and reproduction environment code (github-poc)
- jackson jndi injection (github-poc)
…and 17 more exploits
Timeline
- Jul 29, 2020 CVE Published
- Apr 28, 2026 Distribution Patch
- Apr 28, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2020:3197 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=rhpam&version=7.8.0 advisory
- https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.8/html/release_notes_for_red_hat_process_automation_manager_7.8/index advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1735645 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1735744 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1735745 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1735749 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1758619 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1767483 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1793154 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1796225 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1796756 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1797006 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1797011 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1798509 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1798524 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1801149 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1815470 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1815495 issue
…and 124 more