Uncontrolled Resource Consumption in Apache Tomcat Affects Performance
CVE-2024-54677
5.3 MEDIUM
What is CVE-2024-54677?
The uncontrolled resource consumption vulnerability found in the examples web application of Apache Tomcat allows attackers to potentially exhaust server resources, leading to a denial of service. This affects multiple versions of Apache Tomcat, including those as recent as 11.0.1. To mitigate this issue, users are strongly encouraged to upgrade to the patched versions 11.0.2, 10.1.34, or 9.0.98 as soon as possible.
Affected Version(s)
Apache Tomcat 11.0.0-M1 through 11.0.1
Apache Tomcat 10.1.0-M1 through 10.1.33
Apache Tomcat 9.0.0.M1 through 9.0.97
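A triage check for the ranges above, added here as an example and not taken from the Apache Tomcat project. It compares a version string against the listed ranges, treating milestone builds (-M1 / .M1) as older than the final release, and reports whether an examples application is present. The function names and the webapps/examples location (the stock distribution layout) are assumptions.

```python
import re
from pathlib import Path

# Ranges as listed on this page: (first affected, last affected, fixed release).
AFFECTED = [
    ("11.0.0-M1", "11.0.1", "11.0.2"),
    ("10.1.0-M1", "10.1.33", "10.1.34"),
    ("9.0.0.M1", "9.0.97", "9.0.98"),
]
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?$")

def parse_version(text):
    """Return a sortable tuple; a milestone sorts before the final release."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {text!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)   # final release
    return (int(major), int(minor), int(patch), 0, int(milestone))

def fixed_release_for(version):
    """Return the fixed release if the version is in a listed range, else None."""
    v = parse_version(version)
    for first, last, fixed in AFFECTED:
        if parse_version(first) <= v <= parse_version(last):
            return fixed
    return None

def examples_app_deployed(catalina_base):
    # Assumption: the examples app sits at webapps/examples or webapps/examples.war.
    webapps = Path(catalina_base) / "webapps"
    return (webapps / "examples").is_dir() or (webapps / "examples.war").is_file()

def assess(version, catalina_base):
    """Combine the version check and the examples-app check into one finding."""
    fixed = fixed_release_for(version)
    if fixed is None:
        return "not in a range listed for CVE-2024-54677"
    present = "present" if examples_app_deployed(catalina_base) else "not found"
    return f"affected version, examples app {present}: upgrade to {fixed}"
```

Versions outside the three listed lines return None only because this page does not list them, not because they are known to be unaffected.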