AVG-1204 log

Package tomcat8
Status Fixed
Severity High
Type denial of service
Affected 8.5.56-1
Fixed 8.5.57-1
Current 8.5.100-2 [extra]
Ticket None
Created Tue Jul 14 15:42:27 2020
Issue Severity Remote Type Description
CVE-2020-13935 High Yes Denial of service
An issue has been found in Apache Tomcat before 8.5.57 and before 9.0.37, where an h2c direct connection did not release the HTTP/1.1 processor after the...
CVE-2020-13934 High Yes Denial of service
An issue has been found in Apache Tomcat before 8.5.57 and before 9.0.37, where the payload length in a WebSocket frame was not correctly validated. Invalid...
References
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57