VDB
BIT-tomcat-2024-34750
BIT-tomcat-2024-34750
PUBLISHED
CVSS 7.5 HIGH
Apache Tomcat: HTTP/2 excess header handling DoS
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | tomcat | 9.0.0, 10.0.0, 9.0.0 |
Exploit Intelligence
- release-notes-18.12.15.tpl.php (github-poc)
- owasp-suppressions.xml (github-poc)
- cve_db.json (github-poc)
Timeline
- Jul 29, 2025 CVE Published
- Mar 20, 2026 CVE Updated
References
- https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l url
- https://nvd.nist.gov/vuln/detail/CVE-2024-34750 url
- https://security.netapp.com/advisory/ntap-20240816-0004/ url
- https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html url
- https://github.com/apache/tomcat/commit/2344a4c0d03e307ba6b8ab6dc8b894cc8bac63f2 url
- https://github.com/apache/tomcat/commit/2afae300c9ac9c0e516e2e9de580847d925365c3 url
- https://github.com/apache/tomcat/commit/9fec9a82887853402833a80b584e3762c7423f5f url