Lucene search
+L

37 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2020-11996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usag...

7.5CVSS7AI score0.26699EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.4 views

SUSE CVE-2020-11996

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become...

5.3CVSS6.9AI score0.26699EPSS
Exploits0References10
Check Point Advisories
Check Point Advisories
added 2021/11/14 12:0 a.m.9 views

Apache Tomcat Denial of Service (CVE-2020-11996)

A denial of service vulnerability exists in Apache Tomcat. A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted HTTP2 packet to a vulnerable server. Successful exploitation of this vulnerability could result in denial of service conditions...

5CVSS7.3AI score0.26699EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:1962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.26699EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2020:1983-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.26699EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/12 12:0 a.m.67 views

JFrog < 7.7.0 Multiple Vulnerabilities

According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 7.7.0. It is, therefore, affected by multiple vulnerabilities: - An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did no...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/11/23 12:13 p.m.105 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.4 security release

Updated Red Hat JBoss Web Server 5.4.0 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

7.5CVSS7.2AI score0.26699EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/23 12:5 p.m.140 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.4 security release

Red Hat JBoss Web Server 5.4.0 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.2AI score0.26699EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/11/23 12:0 a.m.47 views

RHEL 6 / 7 / 8 : Red Hat JBoss Web Server 5.4 security (Moderate) (RHSA-2020:5170)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5170 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apac...

7.5CVSS8AI score0.26699EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/10/24 12:0 a.m.68 views

Ubuntu 20.04 LTS : Tomcat vulnerabilities (USN-4596-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4596-1 advisory. It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting...

7.5CVSS7.6AI score0.87553EPSS
Exploits17References5
Ubuntu
Ubuntu
added 2020/10/21 1:55 p.m.123 views

USN-4596-1: Tomcat vulnerabilities

It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. CVE-2020-11996 It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/...

7.5CVSS7.5AI score0.87553EPSS
Exploits17
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/07 1:41 p.m.39 views

Security Bulletin: App Connect Professional is affected by Apache Tomcat vulnerabilities.

Summary App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details CVEID: CVE-2020-11996 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted sequence of HTTP/2 requests, a remote attacker could...

7.5CVSS0.4AI score0.26699EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/17 9:36 a.m.74 views

Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM Platform Symphony

Summary This interim fix provides instructions on upgrading Apache Tomcat to v8.5.57 in IBM Platform Symphony 7.1 Fix Pack 1 in order to address security vulnerabilities CVE-2020-9484, CVE-2020-11996, CVE-2020-13934, and CVE-2020-13935 in Apache Tomcat. Vulnerability Details CVEID: CVE-2020-13934...

7.5CVSS1.2AI score0.87553EPSS
Exploits17Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.36 views

openSUSE Security Update : tomcat (openSUSE-2020-1063)

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.9AI score0.26699EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.44 views

openSUSE Security Update : tomcat (openSUSE-2020-1051)

This update for tomcat fixes the following issues : Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.9AI score0.26699EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/26 12:0 a.m.52 views

Security update for tomcat (important)

openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2020:1063-1 Rating: important References: 1173389 Cross-References: CVE-2020-11996 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tomcat...

7.5CVSS7.6AI score0.26699EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/07/24 12:0 a.m.29 views

openSUSE: Security Advisory for tomcat (openSUSE-SU-2020:1051-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.8AI score0.26699EPSS
Exploits0References2
OSV
OSV
added 2020/07/23 6:21 p.m.9 views

OPENSUSE-SU-2020:1051-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.5AI score0.26699EPSS
Exploits0References3
OSV
OSV
added 2020/07/21 6:31 a.m.10 views

SUSE-SU-2020:1983-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.4AI score0.26699EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.46 views

Photon OS 3.0: Apache PHSA-2020-3.0-0114

An update of the apache package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0114. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid138812;...

7.5CVSS8.9AI score0.26699EPSS
Exploits0References2
Rows per page
Query Builder