USN-4448-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2020-13935 CVE-2020-1935 CVE-2020-9484 UBUNTU-CVE-2020-13935 UBUNTU-CVE-2020-1935 UBUNTU-CVE-2020-9484

Published: 04 Aug 2020, 16:56

Last modified:27 Apr 2026, 15:48

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

04 Aug 2020, 16:56

Published

Vulnerability first disclosed

27 Apr 2026, 15:48

Last Modified

Vulnerability information updated

Description

tomcat8 vulnerabilities It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. (CVE-2020-13935) It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a reverse proxy, a remote attacker could possibly use this issue to perform HTTP Reqest Smuggling. (CVE-2020-1935) It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484)

Affected Systems

ubuntu•tomcat8
< 8.0.32-1ubuntu1.13

USN-4448-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)