Apache

Tomcat

263 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.7%
  • Veröffentlicht 07.11.2024 08:15:13
  • Zuletzt bearbeitet 03.11.2025 21:16:14

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. The following versions were EOL a...

  • EPSS 4.6%
  • Veröffentlicht 03.07.2024 20:15:04
  • Zuletzt bearbeitet 03.11.2025 20:16:12

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active...

  • EPSS 2.31%
  • Veröffentlicht 13.03.2024 16:15:29
  • Zuletzt bearbeitet 07.08.2025 12:15:27

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0....

  • EPSS 23.07%
  • Veröffentlicht 13.03.2024 16:15:29
  • Zuletzt bearbeitet 29.10.2025 12:15:34

Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset unt...

  • EPSS 14.29%
  • Veröffentlicht 19.01.2024 11:15:08
  • Zuletzt bearbeitet 03.11.2025 21:16:06

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended t...

  • EPSS 2.65%
  • Veröffentlicht 28.11.2023 16:15:06
  • Zuletzt bearbeitet 07.08.2025 11:15:28

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer head...

  • EPSS 5.85%
  • Veröffentlicht 10.10.2023 19:15:09
  • Zuletzt bearbeitet 07.08.2025 11:15:27

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially c...

  • EPSS 1.85%
  • Veröffentlicht 10.10.2023 18:15:18
  • Zuletzt bearbeitet 29.10.2025 12:15:33

Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial o...

  • EPSS 2.16%
  • Veröffentlicht 10.10.2023 18:15:18
  • Zuletzt bearbeitet 07.08.2025 11:15:27

Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could ...

Warnung Medienbericht Exploit
  • EPSS 100%
  • Veröffentlicht 10.10.2023 14:15:10
  • Zuletzt bearbeitet 12.05.2026 15:10:32

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.