Apache : Security Vulnerabilities, CVEs, Published In August 2017 (Denial of service)

CVE-2016-6817

The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.
Max CVSS
7.5
EPSS Score
2.53%
Published
2017-08-10
Updated
2023-12-08

CVE-2012-0880

Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.
Max CVSS
7.8
EPSS Score
0.09%
Published
2017-08-08
Updated
2017-08-18

CVE-2010-2245

XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document.
Max CVSS
7.4
EPSS Score
0.09%
Published
2017-08-08
Updated
2017-08-16
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close