CVE-2020-13934
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service...
CVE-2020-13934
CVE-2020-13934 affects multiple Apache Tomcat releases (8.5.1–8.5.56, 9.0.x, 10.0.x up to M6) where an h2c direct connection didn’t release the HTTP/1.1 processor after upgrading to HTTP/2, potentially causing OutOfMemoryError and denial of service. Public advisories across vendors and distributi...
Debian DLA-2279-1 : tomcat8 security update
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2020-9484 When using Apache Tomcat and an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c)...
[SECURITY] [DLA 2279-1] tomcat8 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2279-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 12, 2020 https://wiki.debian.org/LTS -...
Arista Networks CloudVision Portal Multiple Vulnerabilities (SA0043)
The version of Arista Networks CloudVision Portal running on the remote device is affected by the following vulnerabilities: - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS). An unauthenticated, remote attacker can exploit this by sending...
Important: Red Hat Security Advisory: nghttp2 security update
An update for nghttp2 is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Fixed in Apache Tomcat 8.5.57
Important: WebSocket DoS CVE-2020-13935 The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. This was fixed with commit 12d71567. This issue wa...
Fixed in Apache Tomcat 10.0.0-M7
Important: WebSocket DoS CVE-2020-13935 The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. This was fixed with commit 1c1c77b0. This issue wa...
Fixed in Apache Tomcat 9.0.37
Important: WebSocket DoS CVE-2020-13935 The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. This was fixed with commit 40fa74c7. This issue wa...
Apache Tomcat -- Multiple Vulnerabilities
The Apache Software Foundation reports: An h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. The payload length in a WebSocket frame was n...
Apache Tomcat 9.0.0.M1 < 9.0.36
The version of Tomcat installed on the remote host is prior to 9.0.36. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.36security-9 advisory. - A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.3...
Amazon Linux 2 : nghttp2 (ALAS-2020-1445)
The version of nghttp2 installed on the remote host is prior to 1.41.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1445 advisory. In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept...
CVE-2020-12604
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...
CVE-2020-12604
CVE-2020-12604 affects Envoy versions prior to 1.16.1. The issue arises when an HTTP/2 client sends a large payload but does not provide enough window updates to consume the stream and does not reset it, leading to increased memory usage. Public documents specify vulnerable versions (1.14.2, 1.13...
CVE-2020-12603
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames...