org.apache.tomcat.embed:tomcat-embed-core@8.0.50 vulnerabilities
-
latest version
10.1.23
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
a month ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.tomcat.embed:tomcat-embed-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Denial of Service (DoS) in the implementation of the HTTP/2 protocol. An attacker can cause a denial of service (including via DDoS) by rapidly resetting many streams through request cancellation. How to fix Denial of Service (DoS)? Upgrade |
[,8.5.94)
[9.0.0,9.0.81)
[10.0.0,10.1.14)
[11.0.0-M3,11.0.0-M12)
|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Denial of Service (DoS). When Tomcat is configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially-crafted packet could be used to trigger an infinite loop resulting in a denial of service. How to fix Denial of Service (DoS)? Upgrade |
[10.0.0,10.0.4)
[8.0.0,8.5.64)
[9.0.0,9.0.44)
|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Denial of Service (DoS) via the UTF-8 decoder. When handling some special characters, the decoder may enter an infinite loop, thus denying service to other requests. How to fix Denial of Service (DoS)? Upgrade |
[,7.0.90)
[8.0.0,8.0.52)
[8.5.0,8.5.32)
[9.0.0,9.0.10)
|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Insecure Defaults. The defaults settings for the How to fix Insecure Defaults? Upgrade |
[,7.0.89)
[8.0.0,8.0.53)
[8.5.0,8.5.32)
[9.0.0,9.0.9)
|