How severe is CVE-2020-4325?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2020-4325?

This is classified as CWE-404, which is a common weakness in software security.

CVE-2020-4325

MEDIUM Year: 2020

CVSS v3 Score

6.5

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-404

View all →

Vulnerability Description

The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the memory used by those thread pools, which leads to an OutOfMemory exception when the Process Federation Server Global Teams REST API is used extensively. IBM X-Force ID: 177596.

CVE-2013-1054

MEDIUM

CVSS:6.5(Medium)

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initializ...

CWE-4042013

CVE-2019-15302

MEDIUM

CVSS:6.5(Medium)

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a tr...

CWE-4042019

CVE-2020-0414

MEDIUM

CVSS:6.5(Medium)

In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, there is a possible non-silenced audio buffer due to a permissions bypass. This could lead to remote information disclosure with ...

CWE-4042020

CVE-2020-14307

MEDIUM

CVSS:6.5(Medium)

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a r...

CWE-4042020

CVE-2021-4280

MEDIUM

CVSS:6.5(Medium)

A vulnerability was found in styler_praat_scripts. It has been classified as problematic. Affected is an unknown function of the file file_segmenter.praat of the component Slash Handler. The manipulat...

CWE-4042021

CVE-2022-1289

MEDIUM

CVSS:6.5(Medium)

A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remot...

CWE-4042022

CVE-2020-4325

Vulnerability Description

Related Vulnerabilities

CVE-2013-1054

CVE-2019-15302

CVE-2020-0414

CVE-2020-14307

CVE-2021-4280

CVE-2022-1289