CWE-755
DiscouragedImproper Handling of Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not handle or incorrectly handles an exceptional condition.
685 vulnerabilities reference this CWE, most recent first.
GHSA-W8GR-QR68-9PM5
Vulnerability from github – Published: 2023-04-22 03:30 – Updated: 2024-04-04 03:38NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.
{
"affected": [],
"aliases": [
"CVE-2023-0204"
],
"database_specific": {
"cwe_ids": [
"CWE-703",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-22T03:15:09Z",
"severity": "HIGH"
},
"details": "NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.",
"id": "GHSA-w8gr-qr68-9pm5",
"modified": "2024-04-04T03:38:31Z",
"published": "2023-04-22T03:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0204"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5459"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W8VQ-3HF9-XPPX
Vulnerability from github – Published: 2023-09-07 12:58 – Updated: 2023-09-08 21:04Impact
This is a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled. It can be triggered when all of the following conditions are met:
- Running Apollo Router v1.28.0, v1.28.1 or v1.29.0 ("impacted versions"); and
- The Supergraph schema provided to the Router (either via Apollo Uplink or explicitly via other configuration) has a
subscriptiontype with root-fields defined; and - The YAML configuration provided to the Router has subscriptions enabled (they are disabled by default), either by setting
enabled: trueor by setting a validmodewithin thesubscriptionsobject (as seen in subscriptions' documentation); and - An anonymous (i.e., un-named)
subscriptionoperation (e.g.,subscription { ... }) is received by the Router
If all four of these criteria are met, the impacted versions will panic and terminate. There is no data-privacy risk or sensitive-information exposure aspect to this vulnerability.
Depending on the environment in which impacted versions are running and the high-availability characteristics of that environment, a single Router's termination may result in limited or reduced availability or other knock-on effects which are deployment-specific (e.g., depending on if there are multiple instances, auto-restart policies, etc.)
Discovery
This vulnerability was discovered by an internal Apollo team. We have no reports or evidence to support that that has been exploited outside of our own testing, research and follow-up.
Our public security policy can be reviewed at https://github.com/apollographql/router/security/policy and we consider the security of our projects a top priority. Please review the linked policy for more details.
Patches
This is fixed in Apollo Router v1.29.1, which is available on:
- GitHub Releases as
v1.29.1 - GitHub Packages Container Registry as
v1.29.1 - Helm Chart Repository as
1.29.1(without thev)
We recommend all users running the impacted configuration above to update to a patched version of the Router immediately. Router v1.29.1 should be a very simple upgrade from any impacted version.
Workarounds
Updating to v1.29.1 should be a clear and simple upgrade path for those running impacted versions. However, if Subscriptions are not necessary for your Graph – but are enabled via configuration — then disabling subscriptions is another option to mitigate the risk.
For more information
If you have any questions or comments about this advisory:
- Open an issue in the
routerrepository - Email us at
security[at]apollographql[dot]com
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.29.0"
},
"package": {
"ecosystem": "crates.io",
"name": "apollo-router"
},
"ranges": [
{
"events": [
{
"introduced": "1.28.0"
},
{
"fixed": "1.29.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-41317"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2023-09-07T12:58:29Z",
"nvd_published_at": "2023-09-05T19:15:48Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nThis is a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled. It can be triggered when **all of the following conditions are met**:\n\n1. Running Apollo Router v1.28.0, v1.28.1 or v1.29.0 (\"impacted versions\"); **and**\n2. The Supergraph schema provided to the Router (either via Apollo Uplink or explicitly via other configuration)\u00a0**has a `subscription` type** with root-fields defined; **and**\n3. The YAML configuration provided to the Router **has subscriptions enabled** (they are _disabled_ by default), either by setting `enabled: true` _or_ by setting a valid `mode` within the `subscriptions` object (as seen in [subscriptions\u0027 documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup)); **and**\n4. An [anonymous](https://spec.graphql.org/draft/#sec-Anonymous-Operation-Definitions) (i.e., un-named) `subscription` operation (e.g., `subscription { ... }`) is received by the Router\n\nIf **all four** of these criteria are met, the impacted versions will panic and terminate. There is no data-privacy risk or sensitive-information exposure aspect to this vulnerability.\n\nDepending on the environment in which impacted versions are running and the high-availability characteristics of that environment, a single Router\u0027s termination may result in limited or reduced availability or other knock-on effects which are deployment-specific (e.g., depending on if there are multiple instances, auto-restart policies, etc.)\n\n### Discovery\n\nThis vulnerability was discovered by an internal Apollo team. We have no reports or evidence to support that that has been exploited outside of our own testing, research and follow-up.\n\nOur public security policy can be reviewed at https://github.com/apollographql/router/security/policy and we consider the security of our projects a top priority. Please review the linked policy for more details.\n\n### Patches\n\nThis is fixed in [Apollo Router v1.29.1](https://github.com/apollographql/router/releases/tag/v1.29.1), which is available on:\n\n- [GitHub Releases](https://github.com/apollographql/router/releases) as `v1.29.1`\n- [GitHub Packages Container Registry](https://github.com/apollographql/router/pkgs/container/router) as `v1.29.1`\n- [Helm Chart Repository](https://github.com/apollographql/router/pkgs/container/helm-charts%2Frouter) as `1.29.1` (without the `v`)\n\nWe recommend all users running the impacted configuration above to update to a patched version of the Router immediately. Router v1.29.1 should be a very simple upgrade from any impacted version. \n\n### Workarounds\n\nUpdating to v1.29.1 should be a clear and simple upgrade path for those running impacted versions. However, if Subscriptions are **not** necessary for your Graph \u2013 but are enabled via configuration \u2014 then disabling subscriptions is another option to mitigate the risk.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [the `router` repository](https://github.com/apollographql/router)\n* Email us at `security` `[at]` `apollographql` `[dot]` `com`",
"id": "GHSA-w8vq-3hf9-xppx",
"modified": "2023-09-08T21:04:38Z",
"published": "2023-09-07T12:58:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/apollographql/router/security/advisories/GHSA-w8vq-3hf9-xppx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41317"
},
{
"type": "WEB",
"url": "https://github.com/apollographql/router/commit/b295c103dd86c57c848397d32e8094edfa8502aa"
},
{
"type": "PACKAGE",
"url": "https://github.com/apollographql/router"
},
{
"type": "WEB",
"url": "https://github.com/apollographql/router/releases/tag/v1.29.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Apollo Router Unnamed \"Subscription\" operation results in Denial-of-Service"
}
GHSA-W9FC-5FG9-FGPH
Vulnerability from github – Published: 2021-12-09 00:00 – Updated: 2021-12-15 00:01An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859
{
"affected": [],
"aliases": [
"CVE-2021-23859"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-08T22:15:00Z",
"severity": "HIGH"
},
"details": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859",
"id": "GHSA-w9fc-5fg9-fgph",
"modified": "2021-12-15T00:01:48Z",
"published": "2021-12-09T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23859"
},
{
"type": "WEB",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-W9MH-5X8J-9754
Vulnerability from github – Published: 2024-07-05 20:06 – Updated: 2024-07-05 21:37Impact
The fix for GHSA-wm4w-7h2q-3pf7 / CVE-2024-32000 included in matrix-appservice-irc 2.0.0 relied on the Matrix homeserver-provided timestamp to determine whether a user has access to the event they're replying to when determining whether or not to include a truncated version of the original event in the IRC message. Since this value is controlled by external entities, a malicious Matrix homeserver joined to a room in which a matrix-appservice-irc bridge instance (before version 2.0.1) is present can fabricate the timestamp with the intent of tricking the bridge into leaking room messages the homeserver should not have access to.
Patches
matrix-appservice-irc 2.0.1 drops the reliance on origin_server_ts when determining whether or not an event should be visible to a user, instead tracking the event timestamps internally.
Workarounds
It's possible to limit the amount of information leaked by setting a reply template that doesn't contain the original message. See these lines in the configuration file.
References
- Patch: https://github.com/matrix-org/matrix-appservice-irc/pull/1804
For more information
If you have any questions or comments about this advisory, please email us at security at matrix.org.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.0.0"
},
"package": {
"ecosystem": "npm",
"name": "matrix-appservice-irc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-39691"
],
"database_specific": {
"cwe_ids": [
"CWE-280",
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2024-07-05T20:06:06Z",
"nvd_published_at": "2024-07-05T19:15:10Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nThe fix for GHSA-wm4w-7h2q-3pf7 / [CVE-2024-32000](https://www.cve.org/CVERecord?id=CVE-2024-32000) included in matrix-appservice-irc 2.0.0 relied on the Matrix homeserver-provided timestamp to determine whether a user has access to the event they\u0027re replying to when determining whether or not to include a truncated version of the original event in the IRC message. Since this value is controlled by external entities, a malicious Matrix homeserver joined to a room in which a matrix-appservice-irc bridge instance (before version 2.0.1) is present can fabricate the timestamp with the intent of tricking the bridge into leaking room messages the homeserver should not have access to.\n\n### Patches\n\nmatrix-appservice-irc 2.0.1 [drops the reliance](https://github.com/matrix-org/matrix-appservice-irc/pull/1804) on `origin_server_ts` when determining whether or not an event should be visible to a user, instead tracking the event timestamps internally.\n\n### Workarounds\n\nIt\u0027s possible to limit the amount of information leaked by setting a reply template that doesn\u0027t contain the original message. See [these lines](https://github.com/matrix-org/matrix-appservice-irc/blob/d5d67d1d3ea3f0f6962a0af2cc57b56af3ad2129/config.sample.yaml#L601-L604) in the configuration file.\n\n### References\n\n- Patch: https://github.com/matrix-org/matrix-appservice-irc/pull/1804\n\n### For more information\n\nIf you have any questions or comments about this advisory, please email us at [security at matrix.org](mailto:security@matrix.org).",
"id": "GHSA-w9mh-5x8j-9754",
"modified": "2024-07-05T21:37:31Z",
"published": "2024-07-05T20:06:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-w9mh-5x8j-9754"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39691"
},
{
"type": "WEB",
"url": "https://github.com/matrix-org/matrix-appservice-irc/pull/1804"
},
{
"type": "WEB",
"url": "https://github.com/matrix-org/matrix-appservice-irc/commit/1835e047f269001054be4c68867797aa12372a0f"
},
{
"type": "PACKAGE",
"url": "https://github.com/matrix-org/matrix-appservice-irc"
},
{
"type": "WEB",
"url": "https://github.com/matrix-org/matrix-appservice-irc/blob/d5d67d1d3ea3f0f6962a0af2cc57b56af3ad2129/config.sample.yaml#L601-L604"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Malicious Matrix homeserver can leak truncated message content of messages it shouldn\u0027t have access to"
}
GHSA-W9XX-XHPG-C678
Vulnerability from github – Published: 2024-04-05 21:32 – Updated: 2025-10-22 00:33there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2024-29748"
],
"database_specific": {
"cwe_ids": [
"CWE-280",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-05T20:15:08Z",
"severity": "HIGH"
},
"details": "there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",
"id": "GHSA-w9xx-xhpg-c678",
"modified": "2025-10-22T00:33:00Z",
"published": "2024-04-05T21:32:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29748"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2024-04-01"
},
{
"type": "WEB",
"url": "https://twitter.com/GrapheneOS/status/1775308208472813609"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-29748"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WC24-PW3J-J6VW
Vulnerability from github – Published: 2023-09-30 21:31 – Updated: 2023-11-16 03:30VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
{
"affected": [],
"aliases": [
"CVE-2023-44488"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-30T20:15:10Z",
"severity": "HIGH"
},
"details": "VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.",
"id": "GHSA-wc24-pw3j-j6vw",
"modified": "2023-11-16T03:30:19Z",
"published": "2023-09-30T21:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44488"
},
{
"type": "WEB",
"url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f"
},
{
"type": "WEB",
"url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806"
},
{
"type": "WEB",
"url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1"
},
{
"type": "WEB",
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5518"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WCHP-7C65-4HQG
Vulnerability from github – Published: 2023-12-14 21:31 – Updated: 2023-12-19 21:32An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
{
"affected": [],
"aliases": [
"CVE-2023-41151"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-14T19:15:16Z",
"severity": "HIGH"
},
"details": "An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.",
"id": "GHSA-wchp-7c65-4hqg",
"modified": "2023-12-19T21:32:19Z",
"published": "2023-12-14T21:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41151"
},
{
"type": "WEB",
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJ2P-G4WR-M64X
Vulnerability from github – Published: 2024-01-12 03:30 – Updated: 2024-01-19 15:30An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.
{
"affected": [],
"aliases": [
"CVE-2022-48619"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-12T03:15:08Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.",
"id": "GHSA-wj2p-g4wr-m64x",
"modified": "2024-01-19T15:30:18Z",
"published": "2024-01-12T03:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48619"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/409353cbe9fe48f6bc196114c442b1cff05a39bc"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WM9W-RJJ3-J356
Vulnerability from github – Published: 2024-07-03 21:39 – Updated: 2025-11-03 21:31Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100.
Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M1"
},
{
"fixed": "11.0.0-M21"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0-M1"
},
{
"fixed": "10.1.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-M1"
},
{
"fixed": "9.0.90"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M1"
},
{
"fixed": "11.0.0-M21"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0-M1"
},
{
"fixed": "10.1.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-M1"
},
{
"fixed": "9.0.90"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-coyote"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.0"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.0"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-34750"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2024-07-05T20:39:41Z",
"nvd_published_at": "2024-07-03T20:15:04Z",
"severity": "HIGH"
},
"details": "Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. \n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100.\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.",
"id": "GHSA-wm9w-rjj3-j356",
"modified": "2025-11-03T21:31:11Z",
"published": "2024-07-03T21:39:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34750"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/2344a4c0d03e307ba6b8ab6dc8b894cc8bac63f2"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/2afae300c9ac9c0e516e2e9de580847d925365c3"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/9fec9a82887853402833a80b584e3762c7423f5f"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240816-0004"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-10.html"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-11.html"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-9.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apache Tomcat - Denial of Service"
}
GHSA-WMPM-9R6P-RPWW
Vulnerability from github – Published: 2024-01-24 21:30 – Updated: 2025-06-20 21:31An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).
{
"affected": [],
"aliases": [
"CVE-2021-42146"
],
"database_specific": {
"cwe_ids": [
"CWE-303",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-24T19:15:08Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).",
"id": "GHSA-wmpm-9r6p-rpww",
"modified": "2025-06-20T21:31:54Z",
"published": "2024-01-24T21:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42146"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2024/Jan/19"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jan/19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.