Lucene search
+L

30 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.24 views

Photon OS 3.0: Apache PHSA-2021-3.0-0327

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0327. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7.9AI score0.10997EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.31 views

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-006)

The version of tomcat installed on the remote host is prior to 8.5.72-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-006 advisory. A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections...

7.5CVSS7.1AI score0.10997EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.5 views

SUSE CVE-2021-42340

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was...

7.5CVSS7.3AI score0.10997EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/07/06 12:0 a.m.57 views

Atlassian Jira < 8.13.18 / 8.14.0 < 8.20.6 / 8.21.0 (JRASERVER-73070)

The version of Atlassian Jira installed on the remote host is prior to 8.13.18 / 8.14.0 8.20.6 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73070 advisory. - Denial of service via an OutOfMemoryError Tomcat CVE-2021-42340 CVE-2021-42340 Note that Nessus h...

7.5CVSS7.2AI score0.10997EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/05 11:26 a.m.39 views

Security Bulletin: IBM Rational Build Forge is affected by Apache Tomcat version used in it. (CVE-2021-42340)

Summary IBM Rational Build Forge is affected by CVE-2021-42340. Vulnerability Details CVEID: CVE-2021-42340 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a specially-crafted request using OutOfMemoryError, a remo...

7.5CVSS1.2AI score0.10997EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/25 5:3 p.m.34 views

Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-42340

Summary IBM UrbanCode Build is affected by CVE-2021-42340 Vulnerability Details CVEID: CVE-2021-42340 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a specially-crafted request using OutOfMemoryError, a remote...

7.5CVSS1.8AI score0.10997EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2021-0485)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.75353EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 9:33 p.m.53 views

Security Bulletin: CVE-2021-42340 Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections.

Summary Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a specially-crafted request using OutOfMemoryError, a remote attacker could exploit this vulnerability to cause a denial of service condition. Vulnerability Details CVEID:...

7.5CVSS1AI score0.10997EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/11/30 6:48 p.m.58 views

Denial of service via an OutOfMemoryError (Tomcat CVE-2021-42340)

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to impact the application's availability via CVE-2021-42340, a Denial of Service DoS vulnerability in Apache Tomcat. The affected versions of Atlassian Jira Server and Data Center are before version 8.21.0...

7.5CVSS5.2AI score0.10997EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/11/30 2:28 p.m.107 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release

Updated Red Hat JBoss Web Server 5.6.0 packages are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS6.8AI score0.75353EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/11/30 2:25 p.m.70 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release

Red Hat JBoss Web Server 5.6.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...

7.5CVSS6.8AI score0.75353EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/22 5:58 a.m.33 views

Security Bulletin: Vulnerability in Apache Tomcat (CVE-2021-42340) affects HMC

Summary Apache Tomcat is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-42340 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a...

7.5CVSS0.4AI score0.10997EPSS
Exploits0Affected Software2
Debian
Debian
added 2021/11/12 2:35 p.m.52 views

[SECURITY] [DSA 5009-1] tomcat9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5009-1 [email protected] https://www.debian.org/security/ Markus Koschany November 12, 2021 https://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.10997EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/12 12:0 a.m.41 views

Debian DSA-5009-1 : tomcat9 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5009 advisory. Apache Tomcat, the servlet and JSP engine, did not properly release an HTTP upgrade connection for WebSocket connections once the WebSocket connection was closed. This...

7.5CVSS7.1AI score0.10997EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/11/05 12:0 a.m.26 views

Amazon Linux AMI : tomcat8 (ALAS-2021-1546)

The version of tomcat8 installed on the remote host is prior to 8.5.72-1.89. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1546 advisory. A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections once...

7.5CVSS7.1AI score0.10997EPSS
Exploits0References3
OSV
OSV
added 2021/11/04 11:3 a.m.3 views

OESA-2021-1413 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

7.5CVSS6.7AI score0.10997EPSS
Exploits0References2
Amazon
Amazon
added 2021/11/04 12:0 a.m.63 views

Important: tomcat8

Issue Overview: A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections once the WebSocket connection is closed. If a sufficient number of such requests are made, an OutOfMemoryError occurs, leading to a denial of service. The...

7.5CVSS7.6AI score0.10997EPSS
Exploits0
Atlassian
Atlassian
added 2021/10/17 11:13 a.m.60 views

Jira is affected by Tomcat CVE-2021-42340 - Denial of service via an OutOfMemoryError

h3. Issue Summary Jira is affected by Tomcat CVE-2021-42340 - Denial of service via an OutOfMemoryError Base Score: 7.5 HIGH bq. The fix for bug 63362 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once th...

7.5CVSS1.9AI score0.10997EPSS
Exploits0
Atlassian
Atlassian
added 2021/10/17 11:13 a.m.49 views

Jira is affected by Tomcat CVE-2021-42340 - Denial of service via an OutOfMemoryError

h3. Issue Summary Jira is affected by Tomcat CVE-2021-42340 - Denial of service via an OutOfMemoryError Base Score: 7.5 HIGH bq. The fix for bug 63362 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once th...

7.5CVSS6.8AI score0.10997EPSS
Exploits0Affected Software1
NVD
NVD
added 2021/10/14 8:15 p.m.19 views

CVE-2021-42340

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was...

7.5CVSS0.10997EPSS
Exploits0References9
Rows per page
Query Builder