CVE-2024-24549: Apache Tomcat: HTTP/2 header handling DoS

CVE-2024-24549: Apache Tomcat: HTTP/2 header handling DoS

Open Source Security [[{„value“:“

Posted by Mark Thomas on Mar 13

Severity: important

Affected versions:

– Apache Tomcat 11.0.0-M1 through 11.0.0-M16
– Apache Tomcat 10.1.0-M1 through 10.1.18
– Apache Tomcat 9.0.0-M1 through 9.0.85
– Apache Tomcat 8.5.0 through 8.5.98

Description:

Denial of Service due to improper input validation vulnerability for
HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if
the request exceeded any of the configured limits for headers, the
associated HTTP/2…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert