CVE-2024-21733

Generation of Error Message Containing Sensitive Information in maven/org.apache.tomcat/tomcat

Identifiers

GHSA-f4qf-m5gf-8jm8, CVE-2024-21733

Package Slug

maven/org.apache.tomcat/tomcat

Vulnerability

Generation of Error Message Containing Sensitive Information

Description

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.

Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

Affected Versions

All versions starting from 8.5.7 before 8.5.64, all versions starting from 9.0.0-m11 before 9.0.44

Solution

Upgrade to versions 8.5.64, 9.0.44 or above.

Last Modified

2024-01-30

source