DATABASE RESOURCES PRICING ABOUT US

{"id": "OSV:DSA-5009-1", "vendorId": null, "type": "osv", "bulletinFamily": "software", "title": "tomcat9 - security update", "description": "\nApache Tomcat, the servlet and JSP engine, did not properly release an HTTP\nupgrade connection for WebSocket connections once the WebSocket connection was\nclosed. This created a memory leak that, over time, could lead to a denial of\nservice via an OutOfMemoryError.\n\n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 9.0.43-2~deb11u3.\n\n\nWe recommend that you upgrade your tomcat9 packages.\n\n\nFor the detailed security status of tomcat9 please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/tomcat9](https://security-tracker.debian.org/tracker/tomcat9)\n\n\n", "published": "2021-11-12T00:00:00", "modified": "2023-06-28T06:41:58", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://osv.dev/vulnerability/DSA-5009-1", "reporter": "Google", "references": ["https://www.debian.org/security/2021/dsa-5009"], "cvelist": [], "immutableFields": [], "lastseen": "2023-06-28T06:42:05", "viewCount": 11, "enchantments": {"dependencies": {"references": []}, "score": {"value": 1.1, "vector": "NONE"}, "epss": [{"cve": "CVE-2021-42340", "epss": "0.004990000", "percentile": "0.726290000", "modified": "2023-03-20"}], "vulnersScore": 1.1}, "_state": {"score": 1687936020, "dependencies": 1687935406, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "dfbe851fc17275040152d248d4d8c8b9"}, "affectedSoftware": [{"version": "9.0.43-1", "operator": "eq", "name": "tomcat9"}, {"version": "9.0.43-2~deb11u1", "operator": "eq", "name": "tomcat9"}, {"version": "9.0.43-2~deb11u2", "operator": "eq", "name": "tomcat9"}]}

{}