CVE-2023-28709

Off-by-one Error in maven/org.apache.tomcat/tomcat

Identifiers

CVE-2023-28709

Package Slug

maven/org.apache.tomcat/tomcat

Vulnerability

Off-by-one Error

Description

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.

Affected Versions

All versions starting from 8.5.85 up to 8.5.87, all versions starting from 9.0.71 up to 9.0.73, all versions starting from 10.1.5 up to 10.1.7, version 11.0.0

Solution

Upgrade to versions 8.5.88, 9.0.74, 10.1.8 or above.

Last Modified

2023-05-29

source