Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-13934  

An issue has been found in Apache Tomcat before 8.5.57 and before 9.0.37, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.

Source
Severity High

Remote Yes

Type Denial of service

Description 

An issue has been found in Apache Tomcat before 8.5.57 and before 9.0.37, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.

AVG-1205 tomcat9 9.0.35-1 High Vulnerable

AVG-1204 tomcat8 8.5.56-1 High Vulnerable 

https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57
https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started