Moderate severityNVD Advisory· Published Jul 24, 2020· Updated Oct 15, 2024
CVE-2020-14297
CVE-2020-14297
Description
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jboss:jboss-ejb-clientMaven | < 4.0.34.Final | 4.0.34.Final |
Affected products
2- Red Hat/wildflyv5Range: jboss-ejb-client as shipped with Red Hat JBoss EAP 7
Patches
Vulnerability mechanics
References
24- github.com/advisories/GHSA-qcch-9268-59jwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-14297ghsaADVISORY
- access.redhat.com/errata/RHSA-2020:3141ghsaWEB
- access.redhat.com/errata/RHSA-2020:3142ghsaWEB
- access.redhat.com/errata/RHSA-2020:3143ghsaWEB
- access.redhat.com/errata/RHSA-2020:3144ghsaWEB
- access.redhat.com/errata/RHSA-2020:3461ghsaWEB
- access.redhat.com/errata/RHSA-2020:3462ghsaWEB
- access.redhat.com/errata/RHSA-2020:3463ghsaWEB
- access.redhat.com/errata/RHSA-2020:3464ghsaWEB
- access.redhat.com/errata/RHSA-2020:3501ghsaWEB
- access.redhat.com/errata/RHSA-2020:3539ghsaWEB
- access.redhat.com/errata/RHSA-2020:3637ghsaWEB
- access.redhat.com/errata/RHSA-2020:3638ghsaWEB
- access.redhat.com/errata/RHSA-2020:3639ghsaWEB
- access.redhat.com/errata/RHSA-2020:3642ghsaWEB
- access.redhat.com/errata/RHSA-2020:3817ghsaWEB
- access.redhat.com/errata/RHSA-2021:3140ghsaWEB
- access.redhat.com/security/cve/CVE-2020-14297ghsaWEB
- access.redhat.com/solutions/21906ghsaWEB
- bugzilla.redhat.com/show_bug.cgighsaWEB
- bugzilla.redhat.com/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/wildfly/jboss-ejb-client/commit/e5f8e4b591f1698a53adc7e430584ca2a8fc9f1bghsaWEB
- github.com/wildfly/jboss-ejb-client/commits/4.0.34.FinalghsaWEB
News mentions
0No linked articles in our index yet.