mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
0xMarcio
2.9 KiB
2.9 KiB
CVE-2020-13935
Description
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
POC
Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10332
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0xMarcio/cve
- https://github.com/20142995/sectool
- https://github.com/2lambda123/CVE-mitre
- https://github.com/404notf0und/CVE-Flow
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ArrestX/--POC
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NetW0rK1le3r/awesome-hacking-lists
- https://github.com/RedTeamPentesting/CVE-2020-13935
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/aabbcc19191/CVE-2020-13935
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/emilywang0/CVE_testing_VULN
- https://github.com/emilywang0/MergeBase_test_vuln
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/huike007/penetration_poc
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nu11secur1ty/CVE-mitre
- https://github.com/qeeqbox/falcon
- https://github.com/readloud/Awesome-Stars
- https://github.com/soosmile/POC
- https://github.com/superfish9/pt
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/trganda/dockerv
- https://github.com/trganda/starrlist
- https://github.com/tzwlhack/Vulnerability
- https://github.com/versio-io/product-lifecycle-security-api
- https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC