[java-sig-commits] [Bug 1857040] CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS

16 Jul 2020


      https://bugzilla.redhat.com/show_bug.cgi?id=1857040
--- Comment #13 from Cedric Buissart 🐶 cbuissar@redhat.com ---
Statement:
Red Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8's
Identity Management, are using a vulnerable version of Tomcat, bundled into the
pki-servlet-engine component. However, HTTP/2 is not enabled in such a
configuration, and thus it is not possible to trigger the flaw in a supported
setup. A future update may fix the code.
-- 
You are receiving this mail because:
You are on the CC list for the bug.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

[java-sig-commits] [Bug 1857040] CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS