VYPR

rpm package

suse/apache-commons-pool2&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

pkg:rpm/suse/apache-commons-pool2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Vulnerabilities (2)

  • CVE-2024-23672Mar 13, 2024
    affected < 2.4.2-150200.11.8.1fixed 2.4.2-150200.11.8.1

    Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through

  • CVE-2024-24549Mar 13, 2024
    affected < 2.4.2-150200.11.8.1fixed 2.4.2-150200.11.8.1

    Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers ha