
59 matches found

OSV
added 2026/06/23 1:55 p.m., 8 views

ROOT-APP-MAVEN-CVE-2024-24549 CVE-2024-24549 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2024-24549 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

CVSS 7.5, AI score 5.8, EPSS 0.23072
Exploits: 1

Broadcom
added 2026/01/27 12:0 a.m., 16 views

DoS due to improper input validation vulnerability in Apache Tomcat - CVE-2024-24549

A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn't reset immediately. Instead, the reset action occurs only aft...

CVSS 7.5, AI score 5.8, EPSS 0.23072
Exploits: 1

Tenable Nessus
added 2026/01/20 12:0 a.m., 8 views

MiracleLinux 9 : tomcat-9.0.87-1.el9_4.1 (AXSA:2024-8150:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8150:07 advisory. Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes and...

CVSS 7.5, AI score 8.1, EPSS 0.23072
Exploits: 1, References: 3

Tenable Nessus
added 2026/01/20 12:0 a.m., 9 views

MiracleLinux 8 : tomcat-9.0.87-1.el8_10.1.ML.1 (AXSA:2024-8475:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8475:09 advisory. Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes:...

CVSS 7.5, AI score 7.8, EPSS 0.23072
Exploits: 1, References: 3

Rosalinux
added 2025/08/06 8:30 a.m., 8 views

Advisory ROSA-SA-2025-2944

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-10 affected versions tomcat-9.0.37-10 CVE-ID: CVE-2024-24549 BDU-ID: 2024-02608 CVE-Crit: HIGH CVE-DESC.: An Apache Tomcat application server vulnerability is related to insufficient input validation. Exploitation of th...

CVSS 7.5, AI score 7.5, EPSS 0.23072
Exploits: 1

Tenable Nessus
added 2025/06/16 12:0 a.m., 12 views

TencentOS Server 4: tomcat (TSSA-2024:0429)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0429 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 7.5, AI score 7.5, EPSS 0.23072
Exploits: 1, References: 4

Tenable Nessus
added 2025/03/05 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2024-24549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceede...

CVSS 7.5, AI score 7.1, EPSS 0.23072
Exploits: 1, References: 2

Tenable Nessus
added 2025/01/13 12:0 a.m., 18 views

Atlassian Confluence 6.5.x < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.0 (CONFSERVER-98442)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98442 advisory. - Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the...

CVSS 7.5, AI score 7.5, EPSS 0.23072
Exploits: 1, References: 2

GithubExploit
added 2024/12/09 4:59 a.m., 576 views

Exploit for Improper Input Validation in Apache Tomcat

Apache Tomcat DoS Exploit CVE-2024-24549 Description Es...

CVSS 7.5, AI score 7, EPSS 0.23072
Exploits: 1

Tenable Nessus
added 2024/07/18 12:0 a.m., 34 views

Oracle MySQL Enterprise Monitor (Jul 2024 CPU)

The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor component Spring Security. A remote unauthenticated attacker could gain unauthorized access t...

CVSS 8.2, AI score 7.1, EPSS 0.23072
Exploits: 3, References: 5

Amazon
added 2024/06/24 12:0 a.m., 29 views

Important: tomcat8

Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...

CVSS 7.5, AI score 7.6, EPSS 0.23072
Exploits: 1

IBM Security Bulletins
added 2024/06/20 6:26 p.m., 24 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Apache Tomcat [CVE-2024-24549]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Apache Tomcat, caused by improper input validation by the HTTP/2 header CVE-2024-24549. Apache Tomcat is used by our Speech microservices. This vulnerability has been addressed. Please...

CVSS 7.5, AI score 6.8, EPSS 0.23072
Exploits: 1, Affected Software: 1

OSV
added 2024/06/14 1:59 p.m., 37 views

RLSA-2024:3666 Important: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes: Rebase tomcat to version 9.0.87...

CVSS 7.5, AI score 7.5, EPSS 0.23072
Exploits: 1, References: 3

Tenable Nessus
added 2024/06/14 12:0 a.m., 35 views

Rocky Linux 9 : tomcat (RLSA-2024:3307)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3307 advisory. Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes and...

CVSS 7.5, AI score 7.8, EPSS 0.23072
Exploits: 1, References: 5

Tenable Nessus
added 2024/06/14 12:0 a.m., 21 views

Rocky Linux 8 : tomcat (RLSA-2024:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3666 advisory. Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes: Rebase...

CVSS 7.5, AI score 7.7, EPSS 0.23072
Exploits: 1, References: 5

Tenable Nessus
added 2024/06/13 12:0 a.m., 18 views

Fedora 39 : tomcat (2024-2bf73514cd)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2bf73514cd advisory. This update includes a rebase from 9.0.83 to 9.0.89. 2269611 CVE-2024-24549 tomcat: CVE-2024-24549: Apache Tomcat: HTTP/2 header handling DoS 226961...

CVSS 7.5, AI score 7.7, EPSS 0.23072
Exploits: 1, References: 3

Tenable Nessus
added 2024/06/12 12:0 a.m., 31 views

RHEL 8 : tomcat (RHSA-2024:3814)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3814 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: HTTP/2 heade...

CVSS 7.5, AI score 7, EPSS 0.23072
Exploits: 1, References: 6

RedHat Linux
added 2024/06/11 5:34 p.m., 274 views

Important: Red Hat Security Advisory: tomcat security and bug fix update

An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 7.5, AI score 7, EPSS 0.23072
Exploits: 1, References: 3

RedHat Linux
added 2024/06/06 8:43 a.m., 43 views

Important: Red Hat Security Advisory: tomcat security and bug fix update

An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.5, AI score 7, EPSS 0.23072
Exploits: 1, References: 3

Oracle linux
added 2024/06/06 12:0 a.m., 34 views

tomcat security and bug fix update

1:9.0.87-1.el810.1 - Resolves: RHEL-38548 - Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly - Resolves: RHEL-35813 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-29255 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves...

CVSS 7.5, AI score 6.8, EPSS 0.23072
Exploits: 1