| Max CVSS | 5.0 | Min CVSS | 4.4 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-9484 | 4.4 |
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the Persiste
|
25-07-2022 - 18:15 | 20-05-2020 - 19:15 | |
| CVE-2020-13935 | 5.0 |
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with inv
|
12-05-2022 - 15:01 | 14-07-2020 - 15:15 | |
| CVE-2020-13934 | 5.0 |
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException co
|
01-03-2022 - 21:01 | 14-07-2020 - 15:15 | |
| CVE-2020-11996 | 5.0 |
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTT
|
21-07-2021 - 11:39 | 26-06-2020 - 17:15 |