Metrics
Affected Vendors & Products
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 07 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache tomcat |
|
CPEs | cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apache
Apache tomcat |
|
Metrics |
ssvc
|
Thu, 07 Nov 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in Tomcat. Under certain configurations on any platform, this flaw allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. |
Title | tomcat: Denial of Service in Tomcat | Apache Tomcat: Denial of Service |
Weaknesses | CWE-770 | |
Metrics |
cvssV3_1
|
cvssV3_1
|
Wed, 30 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_tus:8.6 |
Tue, 29 Oct 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_eus:9.0 cpe:/a:redhat:rhel_tus:8.4 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
Fri, 11 Oct 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:8.8 |
Thu, 10 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat enterprise Linux
Redhat rhel Eus |
|
CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_eus:9.2 |
|
Vendors & Products |
Redhat enterprise Linux
Redhat rhel Eus |
Wed, 02 Oct 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat jboss Enterprise Web Server |
|
CPEs | cpe:/a:redhat:jboss_enterprise_web_server:5.8 cpe:/a:redhat:jboss_enterprise_web_server:5.8::el7 cpe:/a:redhat:jboss_enterprise_web_server:5.8::el8 cpe:/a:redhat:jboss_enterprise_web_server:5.8::el9 cpe:/a:redhat:jboss_enterprise_web_server:6.0 cpe:/a:redhat:jboss_enterprise_web_server:6.0::el8 cpe:/a:redhat:jboss_enterprise_web_server:6.0::el9 |
|
Vendors & Products |
Redhat
Redhat jboss Enterprise Web Server |
Wed, 25 Sep 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A vulnerability was found in Tomcat. Under certain configurations on any platform, this flaw allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. |
Wed, 25 Sep 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | tomcat: Denial of Service in Tomcat | |
Weaknesses | CWE-400 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Status: PUBLISHED
Assigner: apache
Published: 2024-11-07T07:37:32.224Z
Updated: 2024-11-07T16:36:00.935Z
Reserved: 2024-06-12T16:27:23.740Z
Link: CVE-2024-38286
Updated: 2024-11-07T08:03:33.093Z
Status : Awaiting Analysis
Published: 2024-11-07T08:15:13.007
Modified: 2024-11-21T09:25:17.487
Link: CVE-2024-38286