CVSS: 7.5EPSS: 20%CPEs: 12EXPL: 0CVE-2005-3510 – tomcat DoS
https://notcve.org/view.php?id=CVE-2005-3510
06 Nov 2005 — Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files. • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx •
CVSS: 6.1EPSS: 74%CPEs: 2EXPL: 1CVE-2005-2090 – tomcat multiple content-length header poisioning
https://notcve.org/view.php?id=CVE-2005-2090
30 Jun 2005 — Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." Apache Tomcat versions 8.0.0-RC1, 7.0.0 ... • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx •