An issue has been found in Apache Tomcat prior to 8.5.57 and prior to 9.0.37, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat |
||
apache tomcat 9.0.0 |
||
apache tomcat 10.0.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
netapp oncommand system manager |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
canonical ubuntu linux 20.04 |
||
oracle agile engineering data management 6.2.1.0 |
||
oracle agile plm 9.3.3 |
||
oracle agile plm 9.3.5 |
||
oracle agile plm 9.3.6 |
||
oracle communications instant messaging server 10.0.1.5.0 |
||
oracle fmw platform 12.2.1.3.0 |
||
oracle fmw platform 12.2.1.4.0 |
||
oracle instantis enterprisetrack 17.1 |
||
oracle instantis enterprisetrack 17.2 |
||
oracle instantis enterprisetrack 17.3 |
||
oracle managed file transfer 12.2.1.3.0 |
||
oracle managed file transfer 12.2.1.4.0 |
||
oracle mysql enterprise monitor |
||
oracle siebel ui framework |
||
oracle workload manager 12.2.0.1 |
||
oracle workload manager 18c |
||
oracle workload manager 19c |