13Mar
CVE-2024-23672 | Apache Tomcat up to 8.5.98/9.0.85/10.1.18/11.0.0-M16 Websocket cleanup
A vulnerability classified as critical has been found in Apache Tomcat up to 8.5.98/9.0.85/10.1.18/11.0.0-M16. This affects an unknown part of the component Websocket Handler. The manipulation leads to incomplete cleanup. This vulnerability is uniquely identified as CVE-2024-23672. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.