Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/02/08 10:5 p.m.36 views

Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service...

7.5CVSS2.6AI score0.64124EPSS
Exploits0References15Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/07/17 12:0 a.m.229 views

Apache Tomcat 9.0.0.M1 < 9.0.37 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.37. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.37security-9 advisory. - The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to...

7.5CVSS7AI score0.87553EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2020/07/15 6:8 a.m.24 views

CVE-2020-13934

A flaw was found in Apache Tomcat, where an h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests are made, an OutOfMemoryException could occur, leading to a denial of service. The highest threat from this vulnerability i...

5CVSS7.2AI score0.64124EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2020/07/14 2:59 p.m.34 views

CVE-2020-13934

An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service...

7.5CVSS8.7AI score0.64124EPSS
Exploits0
Rows per page
Query Builder