You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Apache Tomcat 8.5.0 through 8.5.63, 9.0.0-M1 through 9.0.43, and 10.0.0-M1 through 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: HIGH Remediation Upgrade Recommendation: 9.0.68
The text was updated successfully, but these errors were encountered:
Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2021-41079
Checkmarx Project: AaronZhouYu/TotallySecureApp
Repository URL: https://github.com/AaronZhouYu/TotallySecureApp
Branch: main
Scan ID: d9fa6dd5-d23b-4436-b75a-41a016305f39
Apache Tomcat 8.5.0 through 8.5.63, 9.0.0-M1 through 9.0.43, and 10.0.0-M1 through 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 9.0.68
The text was updated successfully, but these errors were encountered: