VDB
CNVD-2023-42970
CNVD-2023-42970
PUBLISHED
Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。 Apache Tomcat存在拒绝服务漏洞,该漏洞源于未对输入的错误消息做正确的处理,攻击者利用该漏洞导致系统拒绝服务。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache Software Foundation | Apache Tomcat | 11.0.0-M2, 10.1.5, 9.0.71 |
Exploit Intelligence
- validation de l'exploitabilité d'une CVE (github-poc)
- validation de l'exploitabilité d'une CVE (github-poc)
- Spring Web 5.x with `org.springframework.remoting` package removed, to fix CVE-2016-1000027. (github-poc)
- Spring Web 5.x with `org.springframework.remoting` package removed, to fix CVE-2016-1000027. (github-poc)
- Mitigated version for CVE-2016-1000027 spring web. (github-poc)
- Mitigated version for CVE-2016-1000027 spring web. (github-poc)
- PoC for CVE-2016-1000027 (github-poc)
- PoC for CVE-2016-1000027 (github-poc)
- A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE project by @Sn0wAlice (github-poc)
- A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE project by @Sn0wAlice (github-poc)
…and 7 more exploits
Timeline
- Sep 15, 2019 CVE Published
- Apr 28, 2025 PoC Published
- Apr 1, 2026 Distribution Patch