Apache Tomcat is prone to a denial-of-service vulnerability.
Attackers may leverage this issue to cause denial-of-service conditions.
The following versions are affected:
Apache Tomcat 9.0.0.M1 through 9.0.0.M11
Apache Tomcat 8.5.0 through 8.5.6
Information
Oracle Solaris 10
Oracle Secure Global Desktop 5.3
Oracle Secure Global Desktop 5.2
Oracle Secure Global Desktop 4.71
Apache Tomcat 8.5.6
Apache Tomcat 8.5.5
Apache Tomcat 8.5.4
Apache Tomcat 9.0.0M8
Apache Tomcat 9.0.0M6
Apache Tomcat 9.0.0.M9
Apache Tomcat 9.0.0.M7
Apache Tomcat 9.0.0.M5
Apache Tomcat 9.0.0.M4
Apache Tomcat 9.0.0.M3
Apache Tomcat 9.0.0.M2
Apache Tomcat 9.0.0.M11
Apache Tomcat 9.0.0.M10
Apache Tomcat 9.0.0.M1
Apache Tomcat 8.5.3
Apache Tomcat 8.5.2
Apache Tomcat 8.5.0
Apache Tomcat 9.0.0.M13
References:
- Apache Tomcat Homepage (Apache)
- Fixed in Apache Tomcat 8.0.32 (Apache)
- Fixed in Apache Tomcat 9.0.0.M3 (Apache)
- Oracle Critical Patch Update Advisory - April 2017 (Oracle)
- Oracle Solaris Third Party Bulletin - January 2017 (Oracle)