Описание
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Релиз | Статус | Примечание |
---|---|---|
artful | DNE | |
bionic | DNE | |
devel | DNE | |
esm-apps/xenial | released | 6.0.45+dfsg-1 |
esm-infra-legacy/trusty | not-affected | 6.0.39-1ubuntu0.1 |
lucid | ignored | end of life |
precise | released | 6.0.35-1ubuntu3.6 |
precise/esm | not-affected | 6.0.35-1ubuntu3.6 |
trusty | released | 6.0.39-1ubuntu0.1 |
trusty/esm | not-affected | 6.0.39-1ubuntu0.1 |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
artful | not-affected | 7.0.56-2 |
bionic | not-affected | 7.0.56-2 |
devel | not-affected | 7.0.56-2 |
esm-apps/bionic | not-affected | 7.0.56-2 |
esm-apps/xenial | not-affected | 7.0.56-2 |
esm-infra-legacy/trusty | not-affected | 7.0.52-1ubuntu0.3 |
lucid | DNE | |
precise | ignored | end of life |
precise/esm | DNE | precise was needed |
trusty | released | 7.0.52-1ubuntu0.3 |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
artful | not-affected | 8.0.14-1 |
bionic | not-affected | 8.0.14-1 |
devel | not-affected | 8.0.14-1 |
esm-apps/bionic | not-affected | 8.0.14-1 |
esm-infra-legacy/trusty | DNE | |
esm-infra/xenial | not-affected | 8.0.14-1 |
lucid | DNE | |
precise | DNE | |
precise/esm | DNE | |
trusty | DNE |
Показывать по
EPSS
7.8 High
CVSS2
Связанные уязвимости
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0 ...
EPSS
7.8 High
CVSS2