Rewterz Threat Advisory – CVE-2020-12414 – Mozilla Firefox for iOS weak security
June 29, 2020Rewterz Threat Alert – LokiBot Malware – IOCs
June 29, 2020Rewterz Threat Advisory – CVE-2020-12414 – Mozilla Firefox for iOS weak security
June 29, 2020Rewterz Threat Alert – LokiBot Malware – IOCs
June 29, 2020Severity
Medium
Analysis Summary
Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted sequence of HTTP/2 requests, a remote attacker could exploit this vulnerability to trigger high CPU usage for several seconds.
Impact
Denial of service
Affected Vendors
Apache Tomcat
Affected Products
- Apache Tomcat 10.0.0-M1 to 10.0.0-M5
- Apache Tomcat 9.0.0.M1 to 9.0.35
- Apache Tomcat 8.5.0 to 8.5.55
Remediation
Upgrade to the latest version of Tomcat (10.0.0-M6, 9.0.36, 8.5.56 or later).