Lucene search
+L

6 matches found

f5
f5
added 2023/02/21 6:35 p.m.39 views

K31573032: Tomcat vulnerability CVE-2020-13943

Security Advisory Description If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made...

4.3CVSS7.2AI score0.57286EPSS
Exploits0
nessus
nessus
added 2021/10/28 12:0 a.m.45 views

F5 Networks BIG-IP : Apache Tomcat vulnerability (K32469285)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K32469285 advisory. Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP...

5.3CVSS7.3AI score0.75353EPSS
Exploits1References2
nessus
nessus
added 2021/03/05 12:0 a.m.79 views

Apache Tomcat 10.0.0-M1 < 10.0.2 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 10.0.0-M1 to 10.0.1, 9.0.0.M1 to 9.0.42, 8.5.0 to 8.5.62 or 7.0.0 to 7.0.107. It is, therefore, affected by a remote code execution due to an incomplete fix for CVE-2020-9484 and an information diclosure due to request mix-up with h2c...

7.5CVSS8AI score0.56636EPSS
Exploits16References3
nessus
nessus
added 2020/12/18 12:0 a.m.38 views

Amazon Linux AMI : tomcat8 (ALAS-2020-1473) (deprecated)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1473 advisory. - While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and...

7.6AI score0.24622EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2020/10/12 2:15 p.m.71 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

4.3CVSS6.8AI score0.57286EPSS
Exploits0References5
cvelist
cvelist
added 2020/10/12 1:46 p.m.68 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

4.8AI score0.57286EPSS
Exploits0References7
Rows per page
Query Builder