CVE-2020-14326
Summary
| CVE | CVE-2020-14326 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-06-02 12:15:00 UTC |
| Updated | 2022-07-15 17:38:00 UTC |
| Description | A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Netapp | Oncommand Insight | - | All | All | All |
| Application | Redhat | Integration Camel K | - | All | All | All |
| Application | Redhat | Resteasy | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 1855826 – (CVE-2020-14326) CVE-2020-14326 RESTEasy: Caching routes in RootNode may result in DoS | MISC | bugzilla.redhat.com | |
| CVE-2020-14326 RESTEasy Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.