24 matches found
Important: tomcat9
Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...
The vulnerability of the Go programming language-based http2 package, which allows a hacker to trigger a service failure
The vulnerability of the Go programming language’s http2 package is related to an uncontrolled resource consumption by the server due to the incorrect setting of the Server.MaxConcurrentStreams parameter when processing request streams. Exploiting this vulnerability can allow a remote attacker to...
The vulnerability relates to the implementation of the HTTP/2 network protocol on Windows operating systems, nginx servers, network programming tools like netty, Envoy, SwiftNIO, and Node.js software platforms. This allows attackers to induce service failures.
The vulnerability of the HTTP/2 network protocol implementation in Windows operating systems, nginx servers, network programming tools like Netty, Envoy, SwiftNIO, and Node.js software platforms is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a maliciou...
Apache Tomcat Directory Traversal Vulnerability (CNVD-2017-28315)
Apache Tomcat is a popular open source JSP application server program. Apache Tomcat suffers from a security restriction bypass vulnerability in the HTTP/2 implementation, which allows remote attackers to submit specially crafted requests to bypass security restrictions and conduct unauthorized...