VYPR

Maven package

org.apache.tomcat/tomcat-coyote

pkg:maven/org.apache.tomcat/tomcat-coyote

Vulnerabilities (24)

  • CVE-2017-5651CriApr 17, 2017
    affected >= 9.0.0.M1, < 9.0.0.M19fixed 9.0.0.M19

    In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This

  • CVE-2016-6816HigMar 20, 2017
    affected >= 9.0.0.M1, < 9.0.0.M12fixed 9.0.0.M12

    The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characte

  • CVE-2014-0095May 31, 2014
    affected >= 8.0.0-RC1, < 8.0.4fixed 8.0.4

    java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.

  • CVE-2014-0075May 31, 2014
    affected < 6.0.40fixed 6.0.40

    Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed c

Page 2 of 2