Lucene search
Rockylinux Product ErrataRLSA-2024:0539HistoryFeb 12, 2024 - 8:16 p.m.
tomcat security update
2024-02-1220:16:50
Rockylinux Product Errata
errata.rockylinux.org
14
tomcat
security update
rocky linux 8
http request smuggling
vulnerability
cve-2023-46589
cvss score
servlet container
java
An update is available for tomcat.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
- tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| rocky | 8 | noarch | tomcat | <Â 9.0.62-27.el8_9.3 | tomcat-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-admin-webapps | <Â 9.0.62-27.el8_9.3 | tomcat-admin-webapps-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-docs-webapp | <Â 9.0.62-27.el8_9.3 | tomcat-docs-webapp-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-el-3.0-api | <Â 9.0.62-27.el8_9.3 | tomcat-el-3.0-api-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-jsp-2.3-api | <Â 9.0.62-27.el8_9.3 | tomcat-jsp-2.3-api-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-lib | <Â 9.0.62-27.el8_9.3 | tomcat-lib-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-servlet-4.0-api | <Â 9.0.62-27.el8_9.3 | tomcat-servlet-4.0-api-1:9.0.62-27.el8_9.3.noarch.rpm |
| rocky | 8 | noarch | tomcat-webapps | <Â 9.0.62-27.el8_9.3 | tomcat-webapps-1:9.0.62-27.el8_9.3.noarch.rpm |
Related
nessus
nessus
SUSE SLES12 Security Update : tomcat (SUSE-SU-2024:0206-1)
2024-01-25 00:00:00
RHEL 8 : tomcat (RHSA-2024:0532)
2024-01-29 00:00:00
AlmaLinux 8 : tomcat (ALSA-2024:0539)
2024-01-30 00:00:00
redhat
redhat
(RHSA-2024:0532) Important: tomcat security update
2024-01-29 00:58:19
(RHSA-2024:0539) Important: tomcat security update
2024-01-29 08:03:51
(RHSA-2024:1134) Important: tomcat security update
2024-03-05 15:32:17
osv
osv
tomcat9 - security update
2024-01-05 00:00:00
CVE-2023-46589
2023-11-28 16:15:06
Important: tomcat security update
2024-01-29 00:00:00
ibm
ibm
tomcat
tomcat
Fixed in Apache Tomcat 10.1.16
2023-11-14 00:00:00
Fixed in Apache Tomcat 9.0.83
2023-11-15 00:00:00
Fixed in Apache Tomcat 8.5.96
2023-11-13 00:00:00
veracode
veracode
Request Smuggling
2023-11-29 06:11:28
openvas
openvas
Apache Tomcat Request Smuggling Vulnerability (Nov 2023) - Windows
2023-11-29 00:00:00
Apache Tomcat Request Smuggling Vulnerability (Nov 2023) - Linux
2023-11-29 00:00:00
Debian: Security Advisory (DLA-3707-1)
2024-01-12 00:00:00
cgr
cgr
CVE-2023-46589 vulnerabilities
2024-05-19 03:07:16
kaspersky
kaspersky
KLA62191 ACE vulnerability in Apache Tomcat
2023-11-15 00:00:00
KLA62193 ACE vulnerability in Apache Tomcat
2023-11-14 00:00:00
KLA62192 ACE vulnerability in Apache Tomcat
2023-11-13 00:00:00
prion
prion
Input validation
2023-11-28 16:15:00
atlassian
atlassian
Upgrade Tomcat to fix CVE-2023-46589
2023-11-30 19:06:38
Upgrade Tomcat to fix CVE-2023-46589
2023-11-29 23:55:54
debian
debian
[SECURITY] [DLA 3707-1] tomcat9 security update
2024-01-05 09:41:03
[SECURITY] [DSA 5667-1] tomcat9 security update
2024-04-19 20:06:14
[SECURITY] [DSA 5665-1] tomcat10 security update
2024-04-17 22:03:15
oraclelinux
oraclelinux
tomcat security update
2024-03-07 00:00:00
tomcat security update
2024-01-29 00:00:00
github
github
Apache Tomcat Improper Input Validation vulnerability
2023-11-28 18:30:23
ubuntucve
ubuntucve
CVE-2023-46589
2023-11-28 00:00:00
almalinux
almalinux
Important: tomcat security update
2024-03-05 00:00:00
Important: tomcat security update
2024-01-29 00:00:00
f5
f5
K000137926 : Apache Tomcat vulnerability CVE-2023-46589
2023-12-18 00:00:00
amazon
amazon
Medium: tomcat8
2024-01-19 01:19:00
debiancve
debiancve
CVE-2023-46589
2023-11-28 16:15:06
redhatcve
redhatcve
CVE-2023-46589
2023-11-29 09:26:39
cvelist
cvelist
cve
cve
CVE-2023-46589
2023-11-28 16:15:06
redos
redos
ROS-20240405-12
2024-04-05 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00