Lucene search
K

9 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.39 views

K31573032: Tomcat vulnerability CVE-2020-13943

Security Advisory Description If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made...

4.3CVSS7.2AI score0.57286EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/03 12:0 a.m.20 views

Apache Tomcat 10.0.0-M5 < 10.0.16 Local Privilege Escalation

The version of Apache Tomcat installed on the remote host is 8.5.55 to 8.5.73, 9.0.35 to 9.0.56, 10.0.0-M5 to 10.0.14 or 10.1.0-M1 to 10.1.0-M8. It is, therefore, affected by a local privilege escalation vulnerability due to a time of check, time of use vulnerability. Note that the scanner has no...

7CVSS7.5AI score0.00692EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.45 views

F5 Networks BIG-IP : Apache Tomcat vulnerability (K32469285)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K32469285 advisory. Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP...

5.3CVSS7.3AI score0.75353EPSS
Exploits1References2
Atlassian
Atlassian
added 2021/10/17 11:13 a.m.47 views

Jira is affected by Tomcat CVE-2021-42340 - Denial of service via an OutOfMemoryError

h3. Issue Summary Jira is affected by Tomcat CVE-2021-42340 - Denial of service via an OutOfMemoryError Base Score: 7.5 HIGH bq. The fix for bug 63362 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once th...

7.5CVSS6.8AI score0.10997EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/12 12:0 a.m.67 views

JFrog < 7.7.0 Multiple Vulnerabilities

According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 7.7.0. It is, therefore, affected by multiple vulnerabilities: - An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did no...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/03/05 12:0 a.m.76 views

Apache Tomcat 10.0.0-M1 < 10.0.2 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 10.0.0-M1 to 10.0.1, 9.0.0.M1 to 9.0.42, 8.5.0 to 8.5.62 or 7.0.0 to 7.0.107. It is, therefore, affected by a remote code execution due to an incomplete fix for CVE-2020-9484 and an information diclosure due to request mix-up with h2c...

7.5CVSS8AI score0.56636EPSS
Exploits15References3
Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.38 views

Amazon Linux AMI : tomcat8 (ALAS-2020-1473) (deprecated)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1473 advisory. - While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and...

7.6AI score0.24622EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/10/12 2:15 p.m.71 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

4.3CVSS6.8AI score0.57286EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/10/12 1:46 p.m.50 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

4.8AI score0.57286EPSS
Exploits0References7
Rows per page
Query Builder