{"uuid": "dfd61450-0920-4bd5-aafe-3192e983231d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21733", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4338", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21733\n\ud83d\udd25 CVSS Score: 5.3 (CVSS_V3)\n\ud83d\udd39 Description: Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.\n\nUsers are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.\n\ud83d\udccf Published: 2024-01-19T12:30:18Z\n\ud83d\udccf Modified: 2025-02-13T19:33:09Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-21733\n2. https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a\n3. https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311\n4. https://github.com/apache/tomcat\n5. https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz\n6. https://security.netapp.com/advisory/ntap-20240216-0005\n7. https://tomcat.apache.org/security-8.html\n8. https://tomcat.apache.org/security-9.html\n9. http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html\n10. http://www.openwall.com/lists/oss-security/2024/01/19/2", "creation_timestamp": "2025-02-13T20:14:11.000000Z"}