4.3

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.

Data is provided by the National Vulnerability Database (NVD)
ApacheTomcat Version8.5.0
ApacheTomcat Version8.5.1
ApacheTomcat Version8.5.2
ApacheTomcat Version8.5.3
ApacheTomcat Version8.5.4
ApacheTomcat Version8.5.5
ApacheTomcat Version8.5.6
ApacheTomcat Version8.5.7
ApacheTomcat Version8.5.8
ApacheTomcat Version8.5.9
ApacheTomcat Version8.5.10
ApacheTomcat Version8.5.11
ApacheTomcat Version8.5.12
ApacheTomcat Version8.5.13
ApacheTomcat Version8.5.14
ApacheTomcat Version8.5.15
ApacheTomcat Version8.5.16
ApacheTomcat Version8.5.17
ApacheTomcat Version8.5.18
ApacheTomcat Version8.5.19
ApacheTomcat Version8.5.20
ApacheTomcat Version8.5.21
ApacheTomcat Version8.5.22
ApacheTomcat Version8.5.23
ApacheTomcat Version8.5.24
ApacheTomcat Version8.5.25
ApacheTomcat Version8.5.26
ApacheTomcat Version8.5.27
ApacheTomcat Version8.5.28
ApacheTomcat Version8.5.29
ApacheTomcat Version8.5.30
ApacheTomcat Version8.5.31
ApacheTomcat Version8.5.32
ApacheTomcat Version8.5.33
ApacheTomcat Version8.5.34
ApacheTomcat Version8.5.35
ApacheTomcat Version8.5.36
ApacheTomcat Version8.5.37
ApacheTomcat Version8.5.38
ApacheTomcat Version8.5.39
ApacheTomcat Version8.5.40
ApacheTomcat Version8.5.41
ApacheTomcat Version8.5.42
ApacheTomcat Version8.5.43
ApacheTomcat Version8.5.44
ApacheTomcat Version8.5.45
ApacheTomcat Version8.5.46
ApacheTomcat Version8.5.47
ApacheTomcat Version8.5.48
ApacheTomcat Version8.5.49
ApacheTomcat Version8.5.50
ApacheTomcat Version8.5.51
ApacheTomcat Version8.5.52
ApacheTomcat Version8.5.53
ApacheTomcat Version8.5.54
ApacheTomcat Version8.5.55
ApacheTomcat Version8.5.56
ApacheTomcat Version8.5.57
ApacheTomcat Version9.0.0 Updatemilestone10
ApacheTomcat Version9.0.0 Updatemilestone11
ApacheTomcat Version9.0.0 Updatemilestone12
ApacheTomcat Version9.0.0 Updatemilestone13
ApacheTomcat Version9.0.0 Updatemilestone14
ApacheTomcat Version9.0.0 Updatemilestone15
ApacheTomcat Version9.0.0 Updatemilestone16
ApacheTomcat Version9.0.0 Updatemilestone17
ApacheTomcat Version9.0.0 Updatemilestone18
ApacheTomcat Version9.0.0 Updatemilestone19
ApacheTomcat Version9.0.0 Updatemilestone20
ApacheTomcat Version9.0.0 Updatemilestone21
ApacheTomcat Version9.0.0 Updatemilestone22
ApacheTomcat Version9.0.0 Updatemilestone23
ApacheTomcat Version9.0.0 Updatemilestone24
ApacheTomcat Version9.0.0 Updatemilestone25
ApacheTomcat Version9.0.0 Updatemilestone26
ApacheTomcat Version9.0.0 Updatemilestone27
ApacheTomcat Version9.0.0 Updatemilestone5
ApacheTomcat Version9.0.0 Updatemilestone6
ApacheTomcat Version9.0.0 Updatemilestone7
ApacheTomcat Version9.0.0 Updatemilestone8
ApacheTomcat Version9.0.0 Updatemilestone9
ApacheTomcat Version9.0.1
ApacheTomcat Version9.0.2
ApacheTomcat Version9.0.3
ApacheTomcat Version9.0.4
ApacheTomcat Version9.0.5
ApacheTomcat Version9.0.6
ApacheTomcat Version9.0.7
ApacheTomcat Version9.0.8
ApacheTomcat Version9.0.9
ApacheTomcat Version9.0.10
ApacheTomcat Version9.0.11
ApacheTomcat Version9.0.12
ApacheTomcat Version9.0.13
ApacheTomcat Version9.0.14
ApacheTomcat Version9.0.15
ApacheTomcat Version9.0.16
ApacheTomcat Version9.0.17
ApacheTomcat Version9.0.18
ApacheTomcat Version9.0.19
ApacheTomcat Version9.0.20
ApacheTomcat Version9.0.21
ApacheTomcat Version9.0.22
ApacheTomcat Version9.0.23
ApacheTomcat Version9.0.24
ApacheTomcat Version9.0.25
ApacheTomcat Version9.0.26
ApacheTomcat Version9.0.27
ApacheTomcat Version9.0.28
ApacheTomcat Version9.0.29
ApacheTomcat Version9.0.30
ApacheTomcat Version9.0.31
ApacheTomcat Version9.0.32
ApacheTomcat Version9.0.33
ApacheTomcat Version9.0.34
ApacheTomcat Version9.0.35
ApacheTomcat Version9.0.36
ApacheTomcat Version9.0.37
ApacheTomcat Version10.0.0 Updatemilestone1
ApacheTomcat Version10.0.0 Updatemilestone2
ApacheTomcat Version10.0.0 Updatemilestone3
ApacheTomcat Version10.0.0 Updatemilestone4
ApacheTomcat Version10.0.0 Updatemilestone5
ApacheTomcat Version10.0.0 Updatemilestone6
ApacheTomcat Version10.0.0 Updatemilestone7
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
OracleSd-wan Edge Version9.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 9.57% 0.926
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N