exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 21

SUSE-SU-2024:1345-1

почти 2 года назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2024:1205-1

почти 2 года назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2024:1204-1

почти 2 года назад

Security update for tomcat10

EPSS: Низкий

RLSA-2024:3666

почти 2 года назад

Important: tomcat security and bug fix update

EPSS: Низкий

RLSA-2024:3307

почти 2 года назад

Important: tomcat security and bug fix update

EPSS: Низкий

ELSA-2024-3666

почти 2 года назад

ELSA-2024-3666: tomcat security and bug fix update (IMPORTANT)

EPSS: Низкий

ELSA-2024-3307

почти 2 года назад

ELSA-2024-3307: tomcat security and bug fix update (IMPORTANT)

EPSS: Низкий

CVE-2024-24549

около 2 лет назад

Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

CVSS3: 7.5

EPSS: Средний

CVE-2024-24549

около 2 лет назад

CVSS3: 7.5

EPSS: Средний

CVE-2024-24549

около 2 лет назад

CVSS3: 7.5

EPSS: Средний

CVE-2024-24549

около 2 лет назад

Denial of Service due to improper input validation vulnerability for H ...

CVSS3: 7.5

EPSS: Средний

CVE-2024-23672

около 2 лет назад

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

CVSS3: 6.3

EPSS: Низкий

CVE-2024-23672

около 2 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-23672

около 2 лет назад

CVSS3: 6.3

EPSS: Низкий

CVE-2024-23672

около 2 лет назад

Denial of Service via incomplete cleanup vulnerability in Apache Tomca ...

CVSS3: 6.3

EPSS: Низкий

GHSA-v682-8vv8-vpwr

около 2 лет назад

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat

CVSS3: 6.3

EPSS: Низкий

GHSA-7w75-32cg-r6g2

около 2 лет назад

Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests

CVSS3: 7.5

EPSS: Средний

BDU:2024-02608

около 2 лет назад

Уязвимость сервера приложений Apache Tomcat, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Средний

BDU:2024-02604

около 2 лет назад

Уязвимость сервера приложений Apache Tomcat, связанная с неполной очисткой временных или вспомогательных ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

ROS-20240703-12

больше 1 года назад

Уязвимость tomcat

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
SUSE-SU-2024:1345-1 Security update for tomcat			почти 2 года назад
SUSE-SU-2024:1205-1 Security update for tomcat			почти 2 года назад
SUSE-SU-2024:1204-1 Security update for tomcat10			почти 2 года назад
RLSA-2024:3666 Important: tomcat security and bug fix update			почти 2 года назад
RLSA-2024:3307 Important: tomcat security and bug fix update			почти 2 года назад
ELSA-2024-3666 ELSA-2024-3666: tomcat security and bug fix update (IMPORTANT)			почти 2 года назад
ELSA-2024-3307 ELSA-2024-3307: tomcat security and bug fix update (IMPORTANT)			почти 2 года назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	53% Средний	около 2 лет назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	53% Средний	около 2 лет назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	53% Средний	около 2 лет назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for H ...	CVSS3: 7.5	53% Средний	около 2 лет назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 6.3	1% Низкий	около 2 лет назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	1% Низкий	около 2 лет назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 6.3	1% Низкий	около 2 лет назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomca ...	CVSS3: 6.3	1% Низкий	около 2 лет назад
GHSA-v682-8vv8-vpwr Denial of Service via incomplete cleanup vulnerability in Apache Tomcat	CVSS3: 6.3	1% Низкий	около 2 лет назад
GHSA-7w75-32cg-r6g2 Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests	CVSS3: 7.5	53% Средний	около 2 лет назад
BDU:2024-02608 Уязвимость сервера приложений Apache Tomcat, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	53% Средний	около 2 лет назад
BDU:2024-02604 Уязвимость сервера приложений Apache Tomcat, связанная с неполной очисткой временных или вспомогательных ресурсов, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	1% Низкий	около 2 лет назад
ROS-20240703-12 Уязвимость tomcat	CVSS3: 7.5	53% Средний	больше 1 года назад

Уязвимостей на страницу