Open nidhi0512 opened 2 years ago
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Description
Apache Tomcat 8.5.0 through 8.5.63, 9.0.0-M1 through 9.0.43, and 10.0.0-M1 through 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.
HIGH Vulnerable Package issue exists @ org.apache.tomcat:tomcat-coyote in branch master
Vulnerability ID: CVE-2021-41079
Package Name: org.apache.tomcat:tomcat-coyote
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2021-09-16T15:15:00
Current Package Version: 9.0.22
Remediation Upgrade Recommendation: 9.0.68
Link To SCA
Reference – NVD link