CVE-2024-52317
18.11.2024, 12:15
Incorrect object re-cycling and re-use vulnerability in Apache Tomcat.Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue.Enginsight
| Vendor | Product | Version |
|---|---|---|
| apache | tomcat | 9.0.95 ≤ 𝑥 ≤ 9.0.95 |
| apache | tomcat | 10.1.30 ≤ 𝑥 ≤ 10.1.30 |
| apache | tomcat | 9.0.92 ≤ 𝑥 < 9.0.96 |
| apache | tomcat | 10.1.27 ≤ 𝑥 < 10.1.31 |
| apache | tomcat | 11.0.0:milestone23 |
| apache | tomcat | 11.0.0:milestone24 |
| apache | tomcat | 11.0.0:milestone25 |
| apache | tomcat | 11.0.0:milestone26 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| tomcat10 |
| ||||||||||||||||
| tomcat6 |
| ||||||||||||||||
| tomcat7 |
| ||||||||||||||||
| tomcat8 |
| ||||||||||||||||
| tomcat9 |
|
Common Weakness Enumeration