Tomcat Archives - Securezoo

Apache patches High risk Tomcat vulnerability (CVE-2022-25762)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 20, 2022 / Apache, CVE-2022-25762, Tomcat, WebSocket

The Apache Software Foundation has patched a High risk Apache Tomcat ‘Request Mix-up’ vulnerability CVE-2022-25762.

Apache patches Tomcat DoS vulnerability (CVE-2021-42340)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 18, 2021 / Apache, CVE-2021-42340, DOS, Tomcat

The Apache Software Foundation has patched an Apache Tomcat Denial of Service (DoS) vulnerability CVE-2021-42340 that may lead to a memory leak and over time a denial of service via an OutOfMemoryError.

Apache patches Tomcat vulnerability (CVE-2021-24122)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 15, 2021 / Apache, CVE-2021-24122, Tomcat

The Apache Software Foundation has patched a Tomcat vulnerability CVE-2021-24122 that may lead to information disclosure.

Apache patches Tomcat HTTP/2 Request header mix-up vulnerability (CVE-2020-17527)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / December 7, 2020 / Apache, CVE-2020-17527, Tomcat

The Apache Software Foundation has patched a Tomcat HTTP/2 Request header mix-up vulnerability CVE-2020-17527.

Apache patches Tomcat HTTP/2 Request mix-up vulnerability (CVE-2020-13943)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 14, 2020 / Apache, CVE-2020-13943, HTTP/2, Tomcat

The Apache Software Foundation has patched a Tomcat HTTP/2 Request mix-up vulnerability CVE-2020-13943. A cyber attacker could exploit this vulnerability to steal sensitive information.

Apache patches Tomcat HTTP/2 DoS vulnerability (CVE-2020-11996)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 29, 2020 / Apache, CVE-2020-11996, CVE-2020-1938, DOS, HTTP/2, Tomcat

The Apache Software Foundation has patched a Tomcat HTTP/2 DoS vulnerability (CVE-2020-11996). A cyber attacker could exploit this vulnerability to cause a denial-of-service (DoS) condition.

Ghostcat: Critical Tomcat vulnerability (CVE-2020-1938)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / February 28, 2020 / AJP, Apache, CVE-2020-1938, Ghostcat, Tomcat, webapp

Security researchers have discovered a serious vulnerability CVE-2020-1938 in Apache Tomcat. A bad actor could read or include any files in Tomcat webapp directories.