{"id":"CVE-2023-28709","summary":"Apache Tomcat: Fix for CVE-2023-24998 is incomplete","details":"The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.","aliases":["BIT-tomcat-2023-28709","GHSA-cx6h-86xw-9x34"],"modified":"2026-05-18T05:55:24.422226030Z","published":"2023-05-22T10:08:49.541Z","related":["ALSA-2023:6570","ALSA-2023:7065","SUSE-SU-2023:2318-1","SUSE-SU-2023:2319-1","SUSE-SU-2023:2504-1","SUSE-SU-2023:2505-1","SUSE-SU-2026:1058-1","openSUSE-SU-2024:12953-1","openSUSE-SU-2024:13441-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"introduced":"11.0.0-M2"},{"last_affected":"11.0.0-M4"},{"introduced":"10.1.5"},{"last_affected":"10.1.7"},{"introduced":"9.0.71"},{"last_affected":"9.0.73"},{"introduced":"8.5.85"},{"last_affected":"8.5.87"}],"source":"AFFECTED_FIELD"}],"cwe_ids":["CWE-193"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/28xxx/CVE-2023-28709.json","cna_assigner":"apache"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/05/22/1"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/28xxx/CVE-2023-28709.json"},{"type":"ADVISORY","url":"https://lists.apache.org/thread/7wvxonzwb7k9hx9jt3q33cmy7j97jo3j"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28709"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202305-37"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230616-0004/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5521"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/tomcat","events":[{"introduced":"7b1f4ce0b82641bf76a3d763bd97d5522513b57b"},{"last_affected":"9179f3c22aead8702936eace5c46e8860b644b3c"},{"introduced":"83ff421c4725bccfd7bec1a16b8ca3cb61bedd2a"},{"last_affected":"5452041bb674b46ea1390ee86b8f846728ec1236"},{"introduced":"f6eebe2ef959503150432dc2700181bd29a5ebc9"},{"last_affected":"473ef42c637c97eb17b38c5580a6b854dfe27a02"},{"introduced":"0"},{"last_affected":"4b03c23ad60e678c1d1a85df815fb6cd8d14ca67"},{"last_affected":"8afe2647d7801172cc304f4a47d8aad9646d2985"},{"last_affected":"3b6de549bdf4f6486c39daa0ae8e4d4b7475b1f6"}],"database_specific":{"extracted_events":[{"introduced":"8.5.85"},{"last_affected":"8.5.87"},{"introduced":"9.0.71"},{"last_affected":"9.0.73"},{"introduced":"10.1.5"},{"last_affected":"10.1.7"},{"introduced":"0"},{"last_affected":"11.0.0-milestone2"},{"last_affected":"11.0.0-milestone3"},{"last_affected":"11.0.0-milestone4"}],"source":"CPE_FIELD","cpe":["cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*"]}}],"versions":["10.1.7","11.0.0-M4","8.5.87","9.0.73","11.0.0-M3","11.0.0-M2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-28709.json"}}],"schema_version":"1.7.5"}