Test Kennung:	1.3.6.1.4.1.25623.1.0.117726
Kategorie:	Web Servers
Titel:	Apache Tomcat DoS Vulnerability (Oct 2021) - Linux
Zusammenfassung:	Apache Tomcat is prone to a denial of service (DoS); vulnerability.
Beschreibung:	Summary: Apache Tomcat is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The fix for bug 63362 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the WebSocket connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. Affected Software/OS: Apache Tomcat 8.5.60 through 8.5.71, 9.0.40 through 9.0.53, 10.0.0-M10 through 10.0.11 and 10.1.0-M1 through 10.1.0-M5. Solution: Update to version 8.5.72, 9.0.54, 10.0.12, 10.1.0-M6 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-42340 https://kc.mcafee.com/corporate/index?page=content&id=SB10379 https://security.netapp.com/advisory/ntap-20211104-0001/ Debian Security Information: DSA-5009 (Google Search) https://www.debian.org/security/2021/dsa-5009 https://security.gentoo.org/glsa/202208-34 https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://lists.apache.org/thread.html/r8097a2d1550aa78e585fc77e602b9046e6d4099d8d132497c5387784@%3Ccommits.myfaces.apache.org%3E
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.