CVE-2020-13934

An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.

Published: Jul 14, 2020
Updated: Nov 8, 2023
CVE: CVE-2020-13934
GHSA: GHSA-vf77-8h7g-gghp
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Affected Software
References

Software	From	Fixed in
apache / tomcat	9.0.0-milestone10	9.0.0-milestone10.x
apache / tomcat	9.0.0-milestone11	9.0.0-milestone11.x
apache / tomcat	9.0.0-milestone12	9.0.0-milestone12.x
apache / tomcat	9.0.0-milestone13	9.0.0-milestone13.x
apache / tomcat	9.0.0-milestone14	9.0.0-milestone14.x
apache / tomcat	9.0.0-milestone15	9.0.0-milestone15.x
apache / tomcat	9.0.0-milestone16	9.0.0-milestone16.x
apache / tomcat	9.0.0-milestone17	9.0.0-milestone17.x
apache / tomcat	9.0.0-milestone18	9.0.0-milestone18.x
apache / tomcat	9.0.0-milestone19	9.0.0-milestone19.x
apache / tomcat	9.0.0-milestone20	9.0.0-milestone20.x
apache / tomcat	9.0.0-milestone21	9.0.0-milestone21.x
apache / tomcat	9.0.0-milestone22	9.0.0-milestone22.x
apache / tomcat	9.0.0-milestone23	9.0.0-milestone23.x
apache / tomcat	9.0.0-milestone24	9.0.0-milestone24.x
apache / tomcat	9.0.0-milestone25	9.0.0-milestone25.x
apache / tomcat	9.0.0-milestone26	9.0.0-milestone26.x
apache / tomcat	9.0.0-milestone27	9.0.0-milestone27.x
apache / tomcat	9.0.0-milestone5	9.0.0-milestone5.x
apache / tomcat	9.0.0-milestone6	9.0.0-milestone6.x
apache / tomcat	9.0.0-milestone7	9.0.0-milestone7.x
apache / tomcat	9.0.0-milestone8	9.0.0-milestone8.x
apache / tomcat	9.0.0-milestone9	9.0.0-milestone9.x
apache / tomcat	10.0.0-milestone3	10.0.0-milestone3.x
apache / tomcat	10.0.0-milestone4	10.0.0-milestone4.x
apache / tomcat	10.0.0-milestone2	10.0.0-milestone2.x
apache / tomcat	10.0.0-milestone1	10.0.0-milestone1.x
apache / tomcat	10.0.0-milestone5	10.0.0-milestone5.x
apache / tomcat	10.0.0-milestone6	10.0.0-milestone6.x
apache / tomcat	9.0.1	9.0.36.x
apache / tomcat	8.5.1	8.5.56.x
debian / debian_linux	9.0	9.0.x
debian / debian_linux	10.0	10.0.x
netapp / oncommand_system_manager	3.0.0	3.1.3.x
opensuse / leap	15.1	15.1.x
opensuse / leap	15.2	15.2.x
canonical / ubuntu_linux	20.04	20.04.x
oracle / managed_file_transfer	12.2.1.3.0	12.2.1.3.0.x
oracle / instantis_enterprisetrack	17.1	17.1.x
oracle / instantis_enterprisetrack	17.2	17.2.x
oracle / instantis_enterprisetrack	17.3	17.3.x
oracle / agile_plm	9.3.3	9.3.3.x
oracle / agile_plm	9.3.5	9.3.5.x
oracle / agile_plm	9.3.6	9.3.6.x
oracle / workload_manager	18c	18c.x
oracle / workload_manager	19c	19c.x
oracle / workload_manager	12.2.0.1	12.2.0.1.x
oracle / agile_engineering_data_management	6.2.1.0	6.2.1.0.x
oracle / siebel_ui_framework	-	20.12.x
oracle / mysql_enterprise_monitor	-	8.0.21.x
oracle / managed_file_transfer	12.2.1.4.0	12.2.1.4.0.x
oracle / fmw_platform	12.2.1.4.0	12.2.1.4.0.x
oracle / fmw_platform	12.2.1.3.0	12.2.1.3.0.x
oracle / communications_instant_messaging_server	10.0.1.5.0	10.0.1.5.0.x
org.apache.tomcat / tomcat	10.0.0-M1	10.0.0-M6
org.apache.tomcat / tomcat	9.0.0.M5	9.0.36
org.apache.tomcat / tomcat	8.5.1	8.5.56

Vulnerability Database

289,599

CVE-2020-13934