Apache Releases Security Update for Apache Tomcat
Apache releases security update to fix a denial-of-service vulnerability in Apache Tomcat
Summary
Apache releases security update to fix a denial-of-service vulnerability in Apache Tomcat
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service (DoS) condition.
Remediation advice
Affected organisations are encouraged to review the Apache Tomcat security advisory for CVE-2021-42340 and follow the appropriate remediation step to apply the necessary updates.
Remediation steps
| Type | Step |
|---|---|
| Guidance |
Apache Tomcat 10.1.0-M1 to 10.1.0-M5 should upgrade to Apache Tomcat 10.1.0-M6 or later https://tomcat.apache.org/security-10.html |
| Guidance |
Apache Tomcat 10.0.0-M10 to 10.0.11 should upgrade to Apache Tomcat 10.0.12 or later https://tomcat.apache.org/security-10.html |
| Guidance |
Apache Tomcat 9.0.40 to 9.0.53 should upgrade to Apache Tomcat 9.0.54 or later https://tomcat.apache.org/security-9.html |
| Guidance |
Apache Tomcat 8.5.60 to 8.5.71 should upgrade to Apache Tomcat 8.5.72 or later https://tomcat.apache.org/security-8.html |
Last edited: 18 October 2021 11:18 am