tomcat security update

2023-10-2400:00:00

linux.oracle.com

tomcat

security

update

http/2

web servers

ddos

cve-2023-44487

rapid reset attack

AI Score

8.1

Confidence

High

EPSS

0.816

Percentile

98.4%

JSON

[1:9.0.62-5.2]

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
(CVE-2023-44487)

OSVersionArchitecturePackageVersionFilename
oracle linux8srctomcat< 9.0.62-5.el8_8.2tomcat-9.0.62-5.el8_8.2.src.rpm
oracle linux8noarchtomcat< 9.0.62-5.el8_8.2tomcat-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-admin-webapps< 9.0.62-5.el8_8.2tomcat-admin-webapps-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-docs-webapp< 9.0.62-5.el8_8.2tomcat-docs-webapp-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-el-3.0-api< 9.0.62-5.el8_8.2tomcat-el-3.0-api-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-jsp-2.3-api< 9.0.62-5.el8_8.2tomcat-jsp-2.3-api-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-lib< 9.0.62-5.el8_8.2tomcat-lib-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-servlet-4.0-api< 9.0.62-5.el8_8.2tomcat-servlet-4.0-api-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8noarchtomcat-webapps< 9.0.62-5.el8_8.2tomcat-webapps-9.0.62-5.el8_8.2.noarch.rpm
oracle linux8srctomcat< 9.0.62-5.el8_8.2tomcat-9.0.62-5.el8_8.2.src.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	tomcat	< 9.0.62-5.el8_8.2	tomcat-9.0.62-5.el8_8.2.src.rpm
oracle linux	8	noarch	tomcat	< 9.0.62-5.el8_8.2	tomcat-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-admin-webapps	< 9.0.62-5.el8_8.2	tomcat-admin-webapps-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-docs-webapp	< 9.0.62-5.el8_8.2	tomcat-docs-webapp-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-el-3.0-api	< 9.0.62-5.el8_8.2	tomcat-el-3.0-api-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-jsp-2.3-api	< 9.0.62-5.el8_8.2	tomcat-jsp-2.3-api-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-lib	< 9.0.62-5.el8_8.2	tomcat-lib-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-servlet-4.0-api	< 9.0.62-5.el8_8.2	tomcat-servlet-4.0-api-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	noarch	tomcat-webapps	< 9.0.62-5.el8_8.2	tomcat-webapps-9.0.62-5.el8_8.2.noarch.rpm
oracle linux	8	src	tomcat	< 9.0.62-5.el8_8.2	tomcat-9.0.62-5.el8_8.2.src.rpm