Количество 1 143
Количество 1 143
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, a ...
openSUSE-SU-2020:1063-1
Security update for tomcat
openSUSE-SU-2020:1051-1
Security update for tomcat
SUSE-SU-2020:1983-1
Security update for tomcat
SUSE-SU-2020:1963-1
Security update for tomcat
SUSE-SU-2020:1962-1
Security update for tomcat
SUSE-SU-2020:1841-1
Security update for tomcat
GHSA-53hp-jpwq-2jgq
Uncontrolled Resource Consumption in Apache Tomcat
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat ...
openSUSE-SU-2022:0818-1
Security update for tomcat
SUSE-SU-2022:0818-1
Security update for tomcat
SUSE-SU-2022:0784-1
Security update for tomcat
SUSE-SU-2022:0695-1
Security update for tomcat
SUSE-SU-2022:0694-1
Security update for tomcat
GHSA-r4x2-3cq5-hqvp
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins
GHSA-q6x7-f33r-3wxx
Incorrect Authorization in Apache Tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-3092 The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. | CVSS3: 7.5 | 45% Средний | около 9 лет назад |
| CVE-2016-3092 The MultipartStream class in Apache Commons Fileupload before 1.3.2, a ... | CVSS3: 7.5 | 45% Средний | около 9 лет назад |
 | openSUSE-SU-2020:1063-1 Security update for tomcat | 31% Средний | около 5 лет назад | |
| openSUSE-SU-2020:1051-1 Security update for tomcat | 31% Средний | около 5 лет назад | |
| SUSE-SU-2020:1983-1 Security update for tomcat | 31% Средний | около 5 лет назад | |
| SUSE-SU-2020:1963-1 Security update for tomcat | 31% Средний | около 5 лет назад | |
| SUSE-SU-2020:1962-1 Security update for tomcat | 31% Средний | около 5 лет назад | |
| SUSE-SU-2020:1841-1 Security update for tomcat | 31% Средний | около 5 лет назад | |
| GHSA-53hp-jpwq-2jgq Uncontrolled Resource Consumption in Apache Tomcat | CVSS3: 7.5 | 31% Средний | больше 3 лет назад |
 | CVE-2020-11996 A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. | CVSS3: 7.5 | 31% Средний | около 5 лет назад |
 | CVE-2020-11996 A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. | CVSS3: 7.5 | 31% Средний | около 5 лет назад |
| CVE-2020-11996 A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. | CVSS3: 7.5 | 31% Средний | около 5 лет назад |
| CVE-2020-11996 A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat ... | CVSS3: 7.5 | 31% Средний | около 5 лет назад |
| openSUSE-SU-2022:0818-1 Security update for tomcat | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2022:0818-1 Security update for tomcat | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2022:0784-1 Security update for tomcat | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2022:0695-1 Security update for tomcat | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2022:0694-1 Security update for tomcat | 0% Низкий | больше 3 лет назад | |
| GHSA-r4x2-3cq5-hqvp The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins | CVSS3: 9.8 | 54% Средний | почти 7 лет назад |
| GHSA-q6x7-f33r-3wxx Incorrect Authorization in Apache Tomcat | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу