virus logo FortiClient Vulnerability

Apache Tomcat CVE-2021-41079 Input Validation Bypass Vulnerability

description-logoDescription

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.

affected-products-logoAffected Applications

Apache Tomcat

CVE References

CVE-2021-41079

Other References

http://tomcat.apache.org/security.html
ID 70294
Created Jan 12, 2022
Description
Updated		 Dec 14, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Apache
Patch manual
Application Apache Tomcat