- Vulnerability/
- USN-7469-2
USN-7469-2: Apache Tomcat vulnerability
First published: Mon Apr 28 2025(Updated: )
USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for Apache Tomcat. Original advisory details: It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause Apache Traffic Server to crash, resulting in a denial of service.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tomcat |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of USN-7469-2?
USN-7469-2 addresses a high-severity vulnerability related to poor resource management in Apache Traffic Server's HTTP/2 protocol.
How do I fix USN-7469-2?
To fix USN-7469-2, update to the patched version 8.5.39-1ubuntu1~18.04.3+esm4 of libtomcat8-embed-java, libtomcat8-java, or tomcat8 on Ubuntu 18.04.
What products are affected by USN-7469-2?
USN-7469-2 affects the libtomcat8-embed-java, libtomcat8-java, and tomcat8 packages in Ubuntu 18.04.
Is USN-7469-2 specific to Ubuntu 18.04?
Yes, USN-7469-2 specifically addresses vulnerabilities in packages for Ubuntu version 18.04.
What happens if I don't address USN-7469-2?
Failing to address USN-7469-2 could leave your system vulnerable to attacks exploiting the resource management issues in the affected Apache Traffic Server.
- agent/title
- agent/source
- agent/last-modified-date
- agent/type
- agent/description
- agent/first-publish-date
- collector/usn
- source/Ubuntu
- agent/references
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/apache
- canonical/tomcat