On 29/04/2025 08:16, Zdeněk Henek wrote:
Hi,
I have looked at the commits and all have in changes http2. Is this an
issue in case we don't use http2?
No. It only affects h2/h2c.
Mark
Thank you.
Regards,
Zdenek Henek
On Mon, Apr 28, 2025 at 7:12 PM Mark Thomas wrote:
CVE-2025-31650 Apa
Hi,
I have looked at the commits and all have in changes http2. Is this an
issue in case we don't use http2?
Thank you.
Regards,
Zdenek Henek
On Mon, Apr 28, 2025 at 7:12 PM Mark Thomas wrote:
> CVE-2025-31650 Apache Tomcat - DoS via invalid HTTP prioritization header
>
> Severity: High
>
> V
CVE-2025-31650 Apache Tomcat - DoS via invalid HTTP prioritization header
Severity: High
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M2 to 11.0.5
Apache Tomcat 10.1.10 to 10.1.39
Apache Tomcat 9.0.76 to 9.0.102
Description:
Incorrect error handling for some i