Количество 17
Количество 17
GHSA-25xr-qj8w-c4vf
Apache Tomcat Coyote vulnerable to Denial of Service via excessive HTTP/2 streams
CVE-2025-53506
Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.
CVE-2025-53506
Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.
CVE-2025-53506
Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.
CVE-2025-53506
Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an ...
BDU:2025-08952
Уязвимость сервера приложений Apache Tomcat, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:02745-1
Security update for tomcat
SUSE-SU-2025:02979-1
Security update for tomcat11
SUSE-SU-2025:02978-1
Security update for tomcat10
ROS-20250826-09
Множественные уязвимости tomcat10
SUSE-SU-2025:03024-1
Security update for tomcat
ROS-20250826-08
Множественные уязвимости tomcat
ELSA-2025-14179
ELSA-2025-14179: tomcat security update (IMPORTANT)
RLSA-2025:14177
Important: tomcat security update
ELSA-2025-14181
ELSA-2025-14181: tomcat security update (IMPORTANT)
ELSA-2025-14178
ELSA-2025-14178: tomcat9 security update (IMPORTANT)
ELSA-2025-14177
ELSA-2025-14177: tomcat security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-25xr-qj8w-c4vf Apache Tomcat Coyote vulnerable to Denial of Service via excessive HTTP/2 streams | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
 | CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
 | CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
| CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an ... | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
 | BDU:2025-08952 Уязвимость сервера приложений Apache Tomcat, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.6 | 0% Низкий | 2 месяца назад |
 | SUSE-SU-2025:02745-1 Security update for tomcat | около 1 месяца назад | ||
| SUSE-SU-2025:02979-1 Security update for tomcat11 | 23 дня назад | ||
| SUSE-SU-2025:02978-1 Security update for tomcat10 | 23 дня назад | ||
 | ROS-20250826-09 Множественные уязвимости tomcat10 | CVSS3: 5.6 | 23 дня назад | |
| SUSE-SU-2025:03024-1 Security update for tomcat | 19 дней назад | ||
| ROS-20250826-08 Множественные уязвимости tomcat | CVSS3: 5.6 | 23 дня назад | |
| ELSA-2025-14179 ELSA-2025-14179: tomcat security update (IMPORTANT) | 27 дней назад | ||
 | RLSA-2025:14177 Important: tomcat security update | 9 дней назад | ||
| ELSA-2025-14181 ELSA-2025-14181: tomcat security update (IMPORTANT) | 29 дней назад | ||
| ELSA-2025-14178 ELSA-2025-14178: tomcat9 security update (IMPORTANT) | 28 дней назад | ||
| ELSA-2025-14177 ELSA-2025-14177: tomcat security update (IMPORTANT) | 29 дней назад |
Уязвимостей на страницу