Описание
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| eoan | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | code not present |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 9.0.36-1 |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | released | 9.0.31-1ubuntu0.1 |
| esm-apps/jammy | not-affected | 9.0.36-1 |
| esm-apps/noble | not-affected | 9.0.36-1 |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 9.0.31-1ubuntu0.1 |
| groovy | not-affected | 9.0.36-1 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat ...
EPSS
5 Medium
CVSS2
7.5 High
CVSS3