Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-21733

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

Published

2024-01-19T11:15:08.043

Last Modified

2025-06-13T16:15:24.760

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-209

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	tomcat	< 8.5.64	Yes
Application	apache	tomcat	< 9.0.44	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes
Application	apache	tomcat	9.0.0	Yes

References

http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html ([email protected])
http://www.openwall.com/lists/oss-security/2024/01/19/2 Mailing List, Patch, Third Party Advisory ([email protected])
https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz Mailing List, Patch, Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20240216-0005/ ([email protected])
http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2024/01/19/2 Mailing List, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz Mailing List, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20240216-0005/ (af854a3a-2127-422b-91ae-364da2661108)