Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.
This issue has been addressed in the following products: Red Hat JBoss Web Server Via RHSA-2024:5025 https://access.redhat.com/errata/RHSA-2024:5025
This issue has been addressed in the following products: Red Hat JBoss Web Server 5.8 on RHEL 7 Red Hat JBoss Web Server 5.8 on RHEL 8 Red Hat JBoss Web Server 5.8 on RHEL 9 Via RHSA-2024:5024 https://access.redhat.com/errata/RHSA-2024:5024
This issue has been addressed in the following products: Red Hat JBoss Web Server Via RHSA-2024:4977 https://access.redhat.com/errata/RHSA-2024:4977
This issue has been addressed in the following products: Red Hat JBoss Web Server 6.0 on RHEL 8 Red Hat JBoss Web Server 6.0 on RHEL 9 Via RHSA-2024:4976 https://access.redhat.com/errata/RHSA-2024:4976
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5694 https://access.redhat.com/errata/RHSA-2024:5694
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:5695 https://access.redhat.com/errata/RHSA-2024:5695
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:5693 https://access.redhat.com/errata/RHSA-2024:5693
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:5696 https://access.redhat.com/errata/RHSA-2024:5696
The best way to address this vulnerability is to update your Apache Tomcat installation to the latest https://block-blast.io version.
Thank you for providing very useful information! Play game https://smashy-road.io free.