Kanatoko

**Name of the Vulnerable Software and Affected Versions:** Apache Tomcat versions 11.0.0-M1 through 11.0.8 Apache Tomcat versions 10.1.0-M1 through 10.1.42 Apache Tomcat versions 9.0.0.M1 through 9.0.106 **Description:** An uncontrolled resource consumption issue exists in Apache Tomcat when an HTTP/2 client fails to acknowledge the initial settings frame, leading to a reduction in the maximum permitted concurrent streams. **Recommendations:** Upgrade to Apache Tomcat version 11.0.9. Upgrade to Apache Tomcat version 10.1.43. Upgrade to Apache Tomcat version 9.0.107.

**Name of the Vulnerable Software and Affected Versions** MySQL versions 4.1.x through 4.1.17 MySQL versions 5.0.x through 5.0.18 MySQL versions 5.1.x through 5.1.5 **Description** The issue allows remote authorized users to cause a denial of service, resulting in a crash, by passing a NULL second argument to the `str to date` function. **Recommendations** For MySQL versions 4.1.x through 4.1.17, update to version 4.1.18 or later. For MySQL versions 5.0.x through 5.0.18, update to version 5.0.19 or later. For MySQL versions 5.1.x through 5.1.5, update to version 5.1.6 or later.