Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.98 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7uaw-6w3w-aaar
Aliases: CVE-2024-24549 GHSA-7w75-32cg-r6g2 |
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-10-07T22:05:13.015047+00:00 | GHSA Importer | Affected by | VCID-7uaw-6w3w-aaar | https://github.com/advisories/GHSA-7w75-32cg-r6g2 | 34.0.2 |
| 2024-09-17T22:00:20.054561+00:00 | GHSA Importer | Affected by | VCID-7uaw-6w3w-aaar | https://github.com/advisories/GHSA-7w75-32cg-r6g2 | 34.0.1 |
| 2024-04-23T17:39:24.402354+00:00 | GHSA Importer | Affected by | VCID-7uaw-6w3w-aaar | https://github.com/advisories/GHSA-7w75-32cg-r6g2 | 34.0.0rc4 |