Lucene search

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

🗓️ 16 Jun 2021 17:29:45Reported by GitHub Advisory DatabaseType

github🔗 github.com👁 234 Views

Exposure of Sensitive Information in Apache Tomcat due to Header Duplicatio

Reporter	Title	Published	Views	Family All 121
OSV	Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat	16 Jun 202117:45	–	osv
OSV	CGA-VHQV-JHJV-679R	6 Jun 202412:29	–	osv
OSV	BIT-tomcat-2021-25122	6 Mar 202411:10	–	osv
OSV	tomcat9 - security update	13 Apr 202100:00	–	osv
OSV	tomcat8 - security update	15 Mar 202100:00	–	osv
OSV	RHSA-2021:2561 Red Hat Security Advisory: Red Hat JBoss Web Server 5.5.0 Security release	22 Sep 202417:05	–	osv
OSV	USN-6943-1 tomcat8, tomcat9 vulnerabilities	1 Aug 202420:25	–	osv
OSV	tomcat9 vulnerabilities	31 Mar 202218:51	–	osv
OSV	OPENSUSE-SU-2024:11468-1 tomcat-9.0.36-8.4 on GA media	15 Jun 202400:00	–	osv
OSV	OPENSUSE-SU-2024:13441-1 tomcat10-10.1.14-1.1 on GA media	15 Jun 202400:00	–	osv

Vulners

Node

org.apache.tomcat.embed tomcat\-embed\-coreRange8.5.0–8.5.63

org.apache.tomcat.embed tomcat\-embed\-coreRange9.0.0–9.0.43

org.apache.tomcat.embed tomcat\-embed\-coreRange10.0.0–10.0.2

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-25122
lists	www.lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E
lists	www.lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
lists	www.lists.debian.org/debian-lts-announce/2021/03/msg00018.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Jun 2021 17:45Current

2.1Low risk

Vulners AI Score2.1

CVSS25

CVSS37.5

EPSS0.14826

CWE-200