Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-JPQR-VH55-XQXF
HistoryMay 01, 2022 - 7:45 a.m.

Apache Tomcat Buffer Over-Read

2022-05-0107:45:38
Google
osv.dev
1

6.8 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.

References

Related

github 1
cve 1
ubuntucve 1
tomcat 1
ibm 1
nessus 2
redhat 2
github
github
Apache Tomcat Buffer Over-Read
2022-05-01 07:45:38
cve
cve
CVE-2006-7197
2007-04-25 20:19:00
ubuntucve
ubuntucve
CVE-2006-7197
2007-04-25 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat JK Connector 1.2.16
2007-04-25 00:00:00
ibm
ibm
Security Bulletin: Apache Tomcat Vulnerabilities Affect IBM Sterling B2B Integrator
2021-10-05 21:10:59
nessus
nessus
RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)
2010-01-10 00:00:00
RHEL 4 : Satellite Server (RHSA-2008:0261)
2010-01-10 00:00:00
redhat
redhat
(RHSA-2008:0261) Moderate: Red Hat Network Satellite Server security update
2008-05-20 00:00:00
(RHSA-2008:0524) Low: Red Hat Network Satellite Server security update
2008-06-30 00:00:00

6.8 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON
Related for OSV:GHSA-JPQR-VH55-XQXF
github1cve1ubuntucve1tomcat1ibm1nessus2redhat2