Skip to main content
Vulnerability Intelligence
Platform
Solutions
Customers
Resources
Company
Login
Get Demo
Vulnerability Intelligence
SUSE-SU-2024:3510-1
SUSE-SU-2024:3510-1
UNKNOWN
Security update for tomcat
Published Oct 2, 2024
Modified 1 years ago
Fix available
Details
This update for tomcat fixes the following issues:
CVE-2024-38286: OutOfMemory exception triggered through abuse of the TLS handshake process. (bsc#1230986)
Affected Packages
tomcat
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-admin-webapps
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-docs-webapp
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-el-3_0-api
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-javadoc
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-jsp-2_3-api
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-lib
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-servlet-4_0-api
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
tomcat-webapps
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Fixed in:
9.0.36-3.130.1
References
REPORT
https://bugzilla.suse.com/1230986
WEB
https://www.suse.com/security/cve/CVE-2024-38286
ADVISORY
https://www.suse.com/support/update/announcement/2024/suse-su-20243510-1/
Upstream
CVE-2024-38286
Related
CVE-2024-38286
Ecosystems
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Timeline
Published
Oct 2, 2024
Modified
Oct 2, 2024
SUSE-SU-2024:3510-1 | Mondoo Vulnerability Intelligence