org.apache.tomcat.embed:tomcat-embed-core@8.5.96 vulnerabilities
-
latest version
10.1.20
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
a month ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.tomcat.embed:tomcat-embed-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Denial of Service (DoS) when processing a crafted HTTP/2 request. If the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed. How to fix Denial of Service (DoS)? Upgrade |
[8.5.0,8.5.99)
[9.0.0-M1,9.0.86)
[10.1.0-M1,10.1.19)
[11.0.0-M1,1.0.0-M17)
|