Total vulnerabilities in the database
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
| Software | From | Fixed in |
|---|---|---|
| apache / tomcat | 7.0.1 | 7.0.1.x |
| apache / tomcat | 7.0.2 | 7.0.2.x |
| apache / tomcat | 7.0.5 | 7.0.5.x |
| apache / tomcat | 7.0.0 | 7.0.0.x |
| apache / tomcat | 7.0.6 | 7.0.6.x |
| apache / tomcat | 7.0.4 | 7.0.4.x |
| apache / tomcat | 7.0.3 | 7.0.3.x |
| apache / tomcat | 6.0.6 | 6.0.6.x |
| apache / tomcat | 6.0.11 | 6.0.11.x |
| apache / tomcat | 6.0.7 | 6.0.7.x |
| apache / tomcat | 6.0.4 | 6.0.4.x |
| apache / tomcat | 6.0.15 | 6.0.15.x |
| apache / tomcat | 6.0.20 | 6.0.20.x |
| apache / tomcat | 6.0.10 | 6.0.10.x |
| apache / tomcat | 6.0.29 | 6.0.29.x |
| apache / tomcat | 6.0.3 | 6.0.3.x |
| apache / tomcat | 6.0.9 | 6.0.9.x |
| apache / tomcat | 6.0.24 | 6.0.24.x |
| apache / tomcat | 6.0.17 | 6.0.17.x |
| apache / tomcat | 6.0.28 | 6.0.28.x |
| apache / tomcat | 6.0.0 | 6.0.0.x |
| apache / tomcat | 6.0.14 | 6.0.14.x |
| apache / tomcat | 6.0.1 | 6.0.1.x |
| apache / tomcat | 6.0.12 | 6.0.12.x |
| apache / tomcat | 6.0.18 | 6.0.18.x |
| apache / tomcat | 6.0.5 | 6.0.5.x |
| apache / tomcat | 6.0.30 | 6.0.30.x |
| apache / tomcat | 6.0.2 | 6.0.2.x |
| apache / tomcat | 6.0.13 | 6.0.13.x |
| apache / tomcat | 6.0.26 | 6.0.26.x |
| apache / tomcat | 6.0.19 | 6.0.19.x |
| apache / tomcat | 6.0.27 | 6.0.27.x |
| apache / tomcat | 6.0.16 | 6.0.16.x |
| apache / tomcat | 6.0.8 | 6.0.8.x |