A denial of service has been found in Apache Tomcat prior to 9.0.36 and 8.5.56, where a specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 9.0.0 |
||
apache tomcat 10.0.0 |
||
apache tomcat |
||
canonical ubuntu linux 20.04 |
||
oracle workload manager 18c |
||
oracle workload manager 19c |
||
oracle workload manager 12.2.0.1 |
||
oracle siebel ui framework |
||
oracle mysql enterprise monitor |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
netapp oncommand system manager 3.0 |
||
netapp oncommand system manager 3.1.3 |