Description
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6
Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Affected Packages (16 packages)
CVEListV5: apache_tomcat, Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36, 8.5.1 to 8.5.56
Also affects: Debian Linux 10.0, 9.0; Ubuntu Linux 20.04
Vulnerability Details (5)
- GHSA: Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat (2022-02-08)
- OSV: Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat (2022-02-08)
- OSV: tomcat9 vulnerabilities (2020-10-21)
- OSV: CVE-2020-13934: An h2c direct connection to Apache Tomcat 10 (2020-07-14)
- CVEList: CVE-2020-13934: An h2c direct connection to Apache Tomcat 10 (2020-07-14)

Vendor Advisories (4)
- Ubuntu: Tomcat vulnerabilities (2020-10-21)
- Red Hat: tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS (2020-07-15)
- Debian: CVE-2020-13934: tomcat9 - An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.... (2020)
- Apache: Apache tomcat: CVE-2020-13934

Community (2)
- Bugzilla: CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS [fedora-all] (2020-08-10)
- Bugzilla: CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS (2020-07-15)