EPSS
Percentile
54.9%
tomcat-coyote is vulnerable to authorization bypass. The library’s implementation of HTTP/2 bypasses several security checks, allowing a malicious user to conduct a directory traversal through a malicious URL.
tomcat.apache.org/security-8.html
tomcat.apache.org/security-9.html
bz.apache.org/bugzilla/show_bug.cgi?id=61120