Common Weakness Enumeration

CWE-755

Discouraged

Improper Handling of Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not handle or incorrectly handles an exceptional condition.

685 vulnerabilities reference this CWE, most recent first.

GHSA-W8GR-QR68-9PM5

Vulnerability from github – Published: 2023-04-22 03:30 – Updated: 2024-04-04 03:38
VLAI
Details

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0204"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-703",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-22T03:15:09Z",
    "severity": "HIGH"
  },
  "details": "NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.",
  "id": "GHSA-w8gr-qr68-9pm5",
  "modified": "2024-04-04T03:38:31Z",
  "published": "2023-04-22T03:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0204"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5459"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W8VQ-3HF9-XPPX

Vulnerability from github – Published: 2023-09-07 12:58 – Updated: 2023-09-08 21:04
VLAI
Summary
Apollo Router Unnamed "Subscription" operation results in Denial-of-Service
Details

Impact

This is a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled. It can be triggered when all of the following conditions are met:

  1. Running Apollo Router v1.28.0, v1.28.1 or v1.29.0 ("impacted versions"); and
  2. The Supergraph schema provided to the Router (either via Apollo Uplink or explicitly via other configuration) has a subscription type with root-fields defined; and
  3. The YAML configuration provided to the Router has subscriptions enabled (they are disabled by default), either by setting enabled: true or by setting a valid mode within the subscriptions object (as seen in subscriptions' documentation); and
  4. An anonymous (i.e., un-named) subscription operation (e.g., subscription { ... }) is received by the Router

If all four of these criteria are met, the impacted versions will panic and terminate. There is no data-privacy risk or sensitive-information exposure aspect to this vulnerability.

Depending on the environment in which impacted versions are running and the high-availability characteristics of that environment, a single Router's termination may result in limited or reduced availability or other knock-on effects which are deployment-specific (e.g., depending on if there are multiple instances, auto-restart policies, etc.)

Discovery

This vulnerability was discovered by an internal Apollo team. We have no reports or evidence to support that that has been exploited outside of our own testing, research and follow-up.

Our public security policy can be reviewed at https://github.com/apollographql/router/security/policy and we consider the security of our projects a top priority. Please review the linked policy for more details.

Patches

This is fixed in Apollo Router v1.29.1, which is available on:

We recommend all users running the impacted configuration above to update to a patched version of the Router immediately. Router v1.29.1 should be a very simple upgrade from any impacted version.

Workarounds

Updating to v1.29.1 should be a clear and simple upgrade path for those running impacted versions. However, if Subscriptions are not necessary for your Graph – but are enabled via configuration — then disabling subscriptions is another option to mitigate the risk.

For more information

If you have any questions or comments about this advisory:

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.29.0"
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "apollo-router"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.28.0"
            },
            {
              "fixed": "1.29.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-41317"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-07T12:58:29Z",
    "nvd_published_at": "2023-09-05T19:15:48Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThis is a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled.  It can be triggered when **all of the following conditions are met**:\n\n1. Running Apollo Router v1.28.0, v1.28.1 or v1.29.0 (\"impacted versions\"); **and**\n2. The Supergraph schema provided to the Router (either via Apollo Uplink or explicitly via other configuration)\u00a0**has a `subscription` type** with root-fields defined; **and**\n3. The YAML configuration provided to the Router **has subscriptions enabled** (they are _disabled_ by default), either by setting `enabled: true` _or_ by setting a valid `mode` within the `subscriptions` object (as seen in [subscriptions\u0027 documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup)); **and**\n4. An [anonymous](https://spec.graphql.org/draft/#sec-Anonymous-Operation-Definitions) (i.e., un-named) `subscription` operation (e.g., `subscription { ... }`) is received by the Router\n\nIf **all four** of these criteria are met, the impacted versions will panic and terminate.  There is no data-privacy risk or sensitive-information exposure aspect to this vulnerability.\n\nDepending on the environment in which impacted versions are running and the high-availability characteristics of that environment, a single Router\u0027s termination may result in limited or reduced availability or other knock-on effects which are deployment-specific (e.g., depending on if there are multiple instances, auto-restart policies, etc.)\n\n### Discovery\n\nThis vulnerability was discovered by an internal Apollo team.  We have no reports or evidence to support that that has been exploited outside of our own testing, research and follow-up.\n\nOur public security policy can be reviewed at https://github.com/apollographql/router/security/policy and we consider the security of our projects a top priority.  Please review the linked policy for more details.\n\n### Patches\n\nThis is fixed in [Apollo Router v1.29.1](https://github.com/apollographql/router/releases/tag/v1.29.1), which is available on:\n\n- [GitHub Releases](https://github.com/apollographql/router/releases) as `v1.29.1`\n- [GitHub Packages Container Registry](https://github.com/apollographql/router/pkgs/container/router) as `v1.29.1`\n- [Helm Chart Repository](https://github.com/apollographql/router/pkgs/container/helm-charts%2Frouter) as `1.29.1` (without the `v`)\n\nWe recommend all users running the impacted configuration above to update to a patched version of the Router immediately.  Router v1.29.1 should be a very simple upgrade from any impacted version. \n\n### Workarounds\n\nUpdating to v1.29.1 should be a clear and simple upgrade path for those running impacted versions.  However, if Subscriptions are **not** necessary for your Graph \u2013 but are enabled via configuration \u2014 then disabling subscriptions is another option to mitigate the risk.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [the `router` repository](https://github.com/apollographql/router)\n* Email us at `security` `[at]` `apollographql` `[dot]` `com`",
  "id": "GHSA-w8vq-3hf9-xppx",
  "modified": "2023-09-08T21:04:38Z",
  "published": "2023-09-07T12:58:29Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/apollographql/router/security/advisories/GHSA-w8vq-3hf9-xppx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41317"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apollographql/router/commit/b295c103dd86c57c848397d32e8094edfa8502aa"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apollographql/router"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apollographql/router/releases/tag/v1.29.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apollo Router Unnamed \"Subscription\" operation results in Denial-of-Service"
}

GHSA-W9FC-5FG9-FGPH

Vulnerability from github – Published: 2021-12-09 00:00 – Updated: 2021-12-15 00:01
VLAI
Details

An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-23859"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-08T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859",
  "id": "GHSA-w9fc-5fg9-fgph",
  "modified": "2021-12-15T00:01:48Z",
  "published": "2021-12-09T00:00:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23859"
    },
    {
      "type": "WEB",
      "url": "https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-W9MH-5X8J-9754

Vulnerability from github – Published: 2024-07-05 20:06 – Updated: 2024-07-05 21:37
VLAI
Summary
Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to
Details

Impact

The fix for GHSA-wm4w-7h2q-3pf7 / CVE-2024-32000 included in matrix-appservice-irc 2.0.0 relied on the Matrix homeserver-provided timestamp to determine whether a user has access to the event they're replying to when determining whether or not to include a truncated version of the original event in the IRC message. Since this value is controlled by external entities, a malicious Matrix homeserver joined to a room in which a matrix-appservice-irc bridge instance (before version 2.0.1) is present can fabricate the timestamp with the intent of tricking the bridge into leaking room messages the homeserver should not have access to.

Patches

matrix-appservice-irc 2.0.1 drops the reliance on origin_server_ts when determining whether or not an event should be visible to a user, instead tracking the event timestamps internally.

Workarounds

It's possible to limit the amount of information leaked by setting a reply template that doesn't contain the original message. See these lines in the configuration file.

References

  • Patch: https://github.com/matrix-org/matrix-appservice-irc/pull/1804

For more information

If you have any questions or comments about this advisory, please email us at security at matrix.org.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.0.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "matrix-appservice-irc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-39691"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-280",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-05T20:06:06Z",
    "nvd_published_at": "2024-07-05T19:15:10Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThe fix for GHSA-wm4w-7h2q-3pf7 / [CVE-2024-32000](https://www.cve.org/CVERecord?id=CVE-2024-32000) included in matrix-appservice-irc 2.0.0 relied on the Matrix homeserver-provided timestamp to determine whether a user has access to the event they\u0027re replying to when determining whether or not to include a truncated version of the original event in the IRC message. Since this value is controlled by external entities, a malicious Matrix homeserver joined to a room in which a matrix-appservice-irc bridge instance (before version 2.0.1) is present can fabricate the timestamp with the intent of tricking the bridge into leaking room messages the homeserver should not have access to.\n\n### Patches\n\nmatrix-appservice-irc 2.0.1 [drops the reliance](https://github.com/matrix-org/matrix-appservice-irc/pull/1804) on `origin_server_ts` when determining whether or not an event should be visible to a user, instead tracking the event timestamps internally.\n\n### Workarounds\n\nIt\u0027s possible to limit the amount of information leaked by setting a reply template that doesn\u0027t contain the original message. See [these lines](https://github.com/matrix-org/matrix-appservice-irc/blob/d5d67d1d3ea3f0f6962a0af2cc57b56af3ad2129/config.sample.yaml#L601-L604) in the configuration file.\n\n### References\n\n- Patch: https://github.com/matrix-org/matrix-appservice-irc/pull/1804\n\n### For more information\n\nIf you have any questions or comments about this advisory, please email us at [security at matrix.org](mailto:security@matrix.org).",
  "id": "GHSA-w9mh-5x8j-9754",
  "modified": "2024-07-05T21:37:31Z",
  "published": "2024-07-05T20:06:06Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-w9mh-5x8j-9754"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39691"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/matrix-appservice-irc/pull/1804"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/matrix-appservice-irc/commit/1835e047f269001054be4c68867797aa12372a0f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/matrix-org/matrix-appservice-irc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/matrix-appservice-irc/blob/d5d67d1d3ea3f0f6962a0af2cc57b56af3ad2129/config.sample.yaml#L601-L604"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Matrix homeserver can leak truncated message content of messages it shouldn\u0027t have access to"
}

GHSA-W9XX-XHPG-C678

Vulnerability from github – Published: 2024-04-05 21:32 – Updated: 2025-10-22 00:33
VLAI
Details

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-29748"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-280",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-05T20:15:08Z",
    "severity": "HIGH"
  },
  "details": "there is a possible way to bypass  due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",
  "id": "GHSA-w9xx-xhpg-c678",
  "modified": "2025-10-22T00:33:00Z",
  "published": "2024-04-05T21:32:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29748"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2024-04-01"
    },
    {
      "type": "WEB",
      "url": "https://twitter.com/GrapheneOS/status/1775308208472813609"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-29748"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WC24-PW3J-J6VW

Vulnerability from github – Published: 2023-09-30 21:31 – Updated: 2023-11-16 03:30
VLAI
Details

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-44488"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-30T20:15:10Z",
    "severity": "HIGH"
  },
  "details": "VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.",
  "id": "GHSA-wc24-pw3j-j6vw",
  "modified": "2023-11-16T03:30:19Z",
  "published": "2023-09-30T21:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44488"
    },
    {
      "type": "WEB",
      "url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806"
    },
    {
      "type": "WEB",
      "url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202310-04"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5518"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WCHP-7C65-4HQG

Vulnerability from github – Published: 2023-12-14 21:31 – Updated: 2023-12-19 21:32
VLAI
Details

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-41151"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-14T19:15:16Z",
    "severity": "HIGH"
  },
  "details": "An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.",
  "id": "GHSA-wchp-7c65-4hqg",
  "modified": "2023-12-19T21:32:19Z",
  "published": "2023-12-14T21:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41151"
    },
    {
      "type": "WEB",
      "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WJ2P-G4WR-M64X

Vulnerability from github – Published: 2024-01-12 03:30 – Updated: 2024-01-19 15:30
VLAI
Details

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48619"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-12T03:15:08Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.",
  "id": "GHSA-wj2p-g4wr-m64x",
  "modified": "2024-01-19T15:30:18Z",
  "published": "2024-01-12T03:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48619"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/409353cbe9fe48f6bc196114c442b1cff05a39bc"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WM9W-RJJ3-J356

Vulnerability from github – Published: 2024-07-03 21:39 – Updated: 2025-11-03 21:31
VLAI
Summary
Apache Tomcat - Denial of Service
Details

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100.

Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0-M1"
            },
            {
              "fixed": "11.0.0-M21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.0-M1"
            },
            {
              "fixed": "10.1.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0-M1"
            },
            {
              "fixed": "9.0.90"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-coyote"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0-M1"
            },
            {
              "fixed": "11.0.0-M21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-coyote"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.0-M1"
            },
            {
              "fixed": "10.1.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-coyote"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0-M1"
            },
            {
              "fixed": "9.0.90"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-coyote"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "last_affected": "8.5.100"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "last_affected": "8.5.100"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-34750"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-05T20:39:41Z",
    "nvd_published_at": "2024-07-03T20:15:04Z",
    "severity": "HIGH"
  },
  "details": "Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. \n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100.\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.",
  "id": "GHSA-wm9w-rjj3-j356",
  "modified": "2025-11-03T21:31:11Z",
  "published": "2024-07-03T21:39:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34750"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/2344a4c0d03e307ba6b8ab6dc8b894cc8bac63f2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/2afae300c9ac9c0e516e2e9de580847d925365c3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/9fec9a82887853402833a80b584e3762c7423f5f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240816-0004"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-10.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-11.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-9.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Tomcat - Denial of Service"
}

GHSA-WMPM-9R6P-RPWW

Vulnerability from github – Published: 2024-01-24 21:30 – Updated: 2025-06-20 21:31
VLAI
Details

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42146"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-303",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-24T19:15:08Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).",
  "id": "GHSA-wmpm-9r6p-rpww",
  "modified": "2025-06-20T21:31:54Z",
  "published": "2024-01-24T21:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42146"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2024/Jan/19"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jan/19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.