V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2014-0193
DEB
Medium

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 al…

CVSS
4.3
Medium
EPSS
0.04
p89
Published
2014-01-01
Updated
2014-01-01
Description

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

Tags · CWE
CWE-399
CWE-400
CAPEC-147
CAPEC-227
CAPEC-492
Affected products
Apache-commons-beanutils-eap6Apache-commons-beanutils-eap6Apache-commons-cli-eap6Apache-commons-cli-eap6Apache-commons-codec-eap6Apache-commons-codec-eap6Apache-commons-collections-eap6Apache-commons-collections-eap6Apache-commons-configuration-eap6Apache-commons-configuration-eap6Apache-commons-daemon-jsvc-eap6Apache-commons-daemon-jsvc-eap6Apache-commons-io-eap6Apache-commons-io-eap6Apache-commons-lang-eap6Apache-commons-lang-eap6Apache-mime4jApache-mime4jCal10n-eap6Cal10n-eap6
CVSS vector
AV:N/AC:M/Au:N/C:N/I:N/A:P
Timeline
2014-01-01
Published
2014-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: M
Medium
Authentication
Au: N
None (N)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: N
None (N)
Availability Impact
A: P
Partial
Exploit indicators
EPSS
0.043 · p89
Known exploited (KEV)
No
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-227 · CWE-400
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
apache-commons-beanutils-eap6Tracked
apache-commons-beanutils-eap6Tracked
apache-commons-cli-eap6Tracked
apache-commons-cli-eap6Tracked
apache-commons-codec-eap6Tracked
apache-commons-codec-eap6Tracked
apache-commons-collections-eap6Tracked
apache-commons-collections-eap6Tracked
apache-commons-configuration-eap6Tracked
apache-commons-configuration-eap6Tracked
apache-commons-daemon-jsvc-eap6Tracked
apache-commons-daemon-jsvc-eap6Tracked
apache-commons-io-eap6Tracked
apache-commons-io-eap6Tracked
apache-commons-lang-eap6Tracked
apache-commons-lang-eap6Tracked
apache-mime4jTracked
apache-mime4jTracked
cal10n-eap6Tracked
cal10n-eap6Tracked
Showing first 20 of 313
Source databases
DEB
CVE
RED
UBU