exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 21

SUSE-SU-2024:1345-1

больше 1 года назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2024:1205-1

больше 1 года назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2024:1204-1

больше 1 года назад

Security update for tomcat10

EPSS: Низкий

RLSA-2024:3666

около 1 года назад

Important: tomcat security and bug fix update

EPSS: Низкий

RLSA-2024:3307

около 1 года назад

Important: tomcat security and bug fix update

EPSS: Низкий

ELSA-2024-3666

около 1 года назад

ELSA-2024-3666: tomcat security and bug fix update (IMPORTANT)

EPSS: Низкий

ELSA-2024-3307

около 1 года назад

ELSA-2024-3307: tomcat security and bug fix update (IMPORTANT)

EPSS: Низкий

CVE-2024-24549

больше 1 года назад

Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

CVSS3: 7.5

EPSS: Средний

CVE-2024-24549

больше 1 года назад

CVSS3: 7.5

EPSS: Средний

CVE-2024-24549

больше 1 года назад

CVSS3: 7.5

EPSS: Средний

CVE-2024-24549

больше 1 года назад

Denial of Service due to improper input validation vulnerability for H ...

CVSS3: 7.5

EPSS: Средний

CVE-2024-23672

больше 1 года назад

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

CVSS3: 6.3

EPSS: Низкий

CVE-2024-23672

больше 1 года назад

CVSS3: 7.5

EPSS: Низкий

CVE-2024-23672

больше 1 года назад

CVSS3: 6.3

EPSS: Низкий

CVE-2024-23672

больше 1 года назад

Denial of Service via incomplete cleanup vulnerability in Apache Tomca ...

CVSS3: 6.3

EPSS: Низкий

GHSA-v682-8vv8-vpwr

больше 1 года назад

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat

CVSS3: 6.3

EPSS: Низкий

GHSA-7w75-32cg-r6g2

больше 1 года назад

Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests

CVSS3: 7.5

EPSS: Средний

BDU:2024-02608

больше 1 года назад

Уязвимость сервера приложений Apache Tomcat, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Средний

BDU:2024-02604

больше 1 года назад

Уязвимость сервера приложений Apache Tomcat, связанная с неполной очисткой временных или вспомогательных ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

ROS-20240703-12

около 1 года назад

Уязвимость tomcat

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
SUSE-SU-2024:1345-1 Security update for tomcat			больше 1 года назад
SUSE-SU-2024:1205-1 Security update for tomcat			больше 1 года назад
SUSE-SU-2024:1204-1 Security update for tomcat10			больше 1 года назад
RLSA-2024:3666 Important: tomcat security and bug fix update			около 1 года назад
RLSA-2024:3307 Important: tomcat security and bug fix update			около 1 года назад
ELSA-2024-3666 ELSA-2024-3666: tomcat security and bug fix update (IMPORTANT)			около 1 года назад
ELSA-2024-3307 ELSA-2024-3307: tomcat security and bug fix update (IMPORTANT)			около 1 года назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	52% Средний	больше 1 года назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	52% Средний	больше 1 года назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	52% Средний	больше 1 года назад
CVE-2024-24549 Denial of Service due to improper input validation vulnerability for H ...	CVSS3: 7.5	52% Средний	больше 1 года назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 6.3	1% Низкий	больше 1 года назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 7.5	1% Низкий	больше 1 года назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVSS3: 6.3	1% Низкий	больше 1 года назад
CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomca ...	CVSS3: 6.3	1% Низкий	больше 1 года назад
GHSA-v682-8vv8-vpwr Denial of Service via incomplete cleanup vulnerability in Apache Tomcat	CVSS3: 6.3	1% Низкий	больше 1 года назад
GHSA-7w75-32cg-r6g2 Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests	CVSS3: 7.5	52% Средний	больше 1 года назад
BDU:2024-02608 Уязвимость сервера приложений Apache Tomcat, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	52% Средний	больше 1 года назад
BDU:2024-02604 Уязвимость сервера приложений Apache Tomcat, связанная с неполной очисткой временных или вспомогательных ресурсов, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	1% Низкий	больше 1 года назад
ROS-20240703-12 Уязвимость tomcat	CVSS3: 7.5	52% Средний	около 1 года назад

Уязвимостей на страницу