BIT-TOMCAT-2022-29885 EncryptInterceptor does not provide complete protection on insecure networks

The documentation of Apache Tomcat 10.1.0 to 10.1.0, 10.0.0 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentialit...

CentOS 9 : tomcat-9.0.62-14.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tomcat-9.0.62-14.el9 build changelog. - not including the secure attribute causes information CVE-2023-28708 - The fix for CVE-2023-24998 was incomplete for Apache Tomcat...

tomcat security update

1:9.0.62-11.3 - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487...

Apache Tomcat EncryptInterceptor error leads to Uncontrolled Resource Consumption

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide...

Apache Tomcat 10.1.0-M1 < 10.1.0-M15 EncryptInterceptor DoS

The version of Apache Tomcat installed on the remote host is 8.5.38 to 8.5.78, 9.0.13 to 9.0.62, 10.0.0-M1 to 10.0.20 or 10.1.0-M1 to 10.1.0-M14. It is, therefore, affected by a denial of service vulnerability. The documentation for the EncryptInterceptor incorrectly stated it enabled Tomcat...

Apache Tomcat EncryptInterceptor DoS Vulnerability (May 2022) - Windows

Apache Tomcat is prone to a denial of service DoS vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...