Lucene search
+L

9 matches found

Veracode
Veracode
added 2024/04/11 12:38 a.m.23 views

Broke Window Attack

Varnish Cache, Varnish Enterprise is vulnerable to a Broke Window Attack. The vulnerability is due to exhaustion of credits for an HTTP/2 connection control flow window...

7.5CVSS6.2AI score0.03663EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2019-2094)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.72988EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/11/20 4:4 p.m.4 views

tomcat: HTTP/2 connection window exhaustion on write, incomplete fix of CVE-2019-0199

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to cause server-side threads to...

7.5CVSS7.2AI score0.72988EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/09/30 12:0 a.m.39 views

EulerOS 2.0 SP8 : tomcat (EulerOS-SA-2019-2094)

According to the version of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to...

7.5CVSS6.7AI score0.72988EPSS
Exploits0References2
OSV
OSV
added 2019/06/26 1:9 a.m.1 views

GHSA-Q4HG-RMQ2-52Q9 Improper Locking in Apache Tomcat

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to cause server-side threads to...

7.5CVSS6.8AI score0.72988EPSS
Exploits0References33
Github Security Blog
Github Security Blog
added 2019/06/26 1:9 a.m.44 views

Improper Locking in Apache Tomcat

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to cause server-side threads to...

7.5CVSS3.7AI score0.72988EPSS
Exploits0References33Affected Software1
OSV
OSV
added 2019/06/21 6:15 p.m.25 views

CVE-2019-10072

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to cause server-side threads to...

7.5CVSS6.8AI score
Exploits0References20
Cvelist
Cvelist
added 2019/06/21 5:56 p.m.40 views

CVE-2019-10072

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to cause server-side threads to...

7.8AI score0.72988EPSS
Exploits0References20
OSV
OSV
added 2019/06/21 12:0 a.m.4 views

UBUNTU-CVE-2019-10072

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to cause server-side threads to...

7.5CVSS6.8AI score0.72988EPSS
Exploits0References7
Rows per page
Query Builder