[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-UBUNTU-CVE-2020-11996":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":19,"related":20,"reserved_at":9,"published_at":22,"modified_at":23,"state":9,"summary":24,"references_raw":26,"kevs":94,"epss":9,"epss_history":95,"metrics":96,"affected":103},"UBUNTU-CVE-2020-11996","A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.",null,[],[],[],[14],{"_key":15},"CVE-2020-11996",[17],{"_key":18},"USN-4596-1",[],[21],{"_key":18},"2020-06-26T17:15:00Z","2026-02-04T03:49:47.935607Z",{"cisa_kev":25,"cisa_ransomware":25,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[27,33,37,41,45,49,53,57,61,65,69,73,77,81,85,90],{"url":28,"sources":29,"tags":31},"https://ubuntu.com/security/CVE-2020-11996",[30],"osv_ubuntu",[32],"REPORT",{"url":34,"sources":35,"tags":36},"https://www.openwall.com/lists/oss-security/2020/06/25/6",[30],[32],{"url":38,"sources":39,"tags":40},"https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976",[30],[32],{"url":42,"sources":43,"tags":44},"https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552",[30],[32],{"url":46,"sources":47,"tags":48},"https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E",[30],[32],{"url":50,"sources":51,"tags":52},"https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E",[30],[32],{"url":54,"sources":55,"tags":56},"https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E",[30],[32],{"url":58,"sources":59,"tags":60},"https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E",[30],[32],{"url":62,"sources":63,"tags":64},"https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E",[30],[32],{"url":66,"sources":67,"tags":68},"https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E",[30],[32],{"url":70,"sources":71,"tags":72},"https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E",[30],[32],{"url":74,"sources":75,"tags":76},"https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E",[30],[32],{"url":78,"sources":79,"tags":80},"https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E",[30],[32],{"url":82,"sources":83,"tags":84},"https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E",[30],[32],{"url":86,"sources":87,"tags":88},"https://ubuntu.com/security/notices/USN-4596-1",[30],[89],"Advisory",{"url":91,"sources":92,"tags":93},"https://www.cve.org/CVERecord?id=CVE-2020-11996",[30],[32],[],[],[97],{"source":30,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":98,"cvss_v4_0":9},{"baseScore":99,"baseSeverity":9,"vectorString":100,"impactScore":101,"exploitabilityScore":102},7.5,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",6,10,[104,114],{"ecosystem":105,"name":106,"vendor":107,"product":106,"cpe_part":9,"purl_type":108,"purl_namespace":107,"purl_name":106,"source":9,"versions":109},"Ubuntu","tomcat8","ubuntu","deb",[110],{"version":111,"is_range":112,"range_type":113,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"ecosystem",{"ecosystem":105,"name":115,"vendor":107,"product":115,"cpe_part":9,"purl_type":108,"purl_namespace":107,"purl_name":115,"source":9,"versions":116},"tomcat9",[117,118],{"version":111,"is_range":112,"range_type":113,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":119,"is_range":112,"range_type":113,"version_start":9,"version_start_type":9,"version_end":120,"version_end_type":121,"fixed_in":9},"lt9_0_31_1ubuntu0_1","9.0.31-1ubuntu0.1","excluding"]