CVE-2024-21733

ADVISORY - github

Summary

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.

Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

EPSS Score⁠: 0.70951 (0.987)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-209⁠

Generation of Error Message Containing Sensitive Information

ADVISORY - github

CWE-209⁠

Generation of Error Message Containing Sensitive Information

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-209⁠

Generation of Error Message Containing Sensitive Information

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-209⁠

Generation of Error Message Containing Sensitive Information

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.