Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:5694

Опубликовано: 17 сент. 2024
Источник: rocky
Оценка: Important

Описание

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

Security Fix(es):

  • tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
tomcatnoarch1.el8_10.2tomcat-9.0.87-1.el8_10.2.noarch.rpm
tomcat-admin-webappsnoarch1.el8_10.2tomcat-admin-webapps-9.0.87-1.el8_10.2.noarch.rpm
tomcat-docs-webappnoarch1.el8_10.2tomcat-docs-webapp-9.0.87-1.el8_10.2.noarch.rpm
tomcat-el-3.0-apinoarch1.el8_10.2tomcat-el-3.0-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-jsp-2.3-apinoarch1.el8_10.2tomcat-jsp-2.3-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-libnoarch1.el8_10.2tomcat-lib-9.0.87-1.el8_10.2.noarch.rpm
tomcat-servlet-4.0-apinoarch1.el8_10.2tomcat-servlet-4.0-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-webappsnoarch1.el8_10.2tomcat-webapps-9.0.87-1.el8_10.2.noarch.rpm

Показывать по

Связанные CVE

CVE-2024-34750

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-34750

CVSS3: 7.5
ubuntu
12 месяцев назад

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.

redhat логотип

CVE-2024-34750

CVSS3: 7.5
redhat
12 месяцев назад

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.

nvd логотип

CVE-2024-34750

CVSS3: 7.5
nvd
12 месяцев назад

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.

debian логотип

CVE-2024-34750

CVSS3: 7.5
debian
12 месяцев назад

Improper Handling of Exceptional Conditions, Uncontrolled Resource Con ...

suse-cvrf логотип

SUSE-SU-2024:2539-1

suse-cvrf
11 месяцев назад

Security update for tomcat