Описание
ELSA-2023-5929: tomcat security update (IMPORTANT)
[1:9.0.62-11.3]
- HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
tomcat
9.0.62-11.el9_2.3
tomcat-admin-webapps
9.0.62-11.el9_2.3
tomcat-docs-webapp
9.0.62-11.el9_2.3
tomcat-el-3.0-api
9.0.62-11.el9_2.3
tomcat-jsp-2.3-api
9.0.62-11.el9_2.3
tomcat-lib
9.0.62-11.el9_2.3
tomcat-servlet-4.0-api
9.0.62-11.el9_2.3
tomcat-webapps
9.0.62-11.el9_2.3
Oracle Linux x86_64
tomcat
9.0.62-11.el9_2.3
tomcat-admin-webapps
9.0.62-11.el9_2.3
tomcat-docs-webapp
9.0.62-11.el9_2.3
tomcat-el-3.0-api
9.0.62-11.el9_2.3
tomcat-jsp-2.3-api
9.0.62-11.el9_2.3
tomcat-lib
9.0.62-11.el9_2.3
tomcat-servlet-4.0-api
9.0.62-11.el9_2.3
tomcat-webapps
9.0.62-11.el9_2.3
Связанные CVE
Связанные уязвимости
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consum ...