Lucene search
K

24 matches found

OSV
OSV
added 2026/05/18 1:35 p.m.21 views

CLEANSTART-2026-MR27796 Security fixes for CVE-2022-23181, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2025-31650, CVE-2025-31651 applied in versions: 10.1.53-r0, 9.0.58-r0, 9.0.63-r0, 9.0.64-r0, 9.0.68-r0, 9.0.70-r0, 9.0.71-r0, 9.0.73-r0, 9.0.80-r0

Multiple security vulnerabilities affect the tomcat10 package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS7.5AI score0.73139EPSS
Exploits27References19
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-34305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web...

6.1CVSS6.9AI score0.06156EPSS
Exploits0References2
Mageia
Mageia
added 2023/04/15 7:3 p.m.142 views

Updated tomcat packages fix security vulnerability

Information disclosure due to concurrency bug CVE-2021-43980 Fix for CVE-2020-9484 introduced a time of check, time of use vulnerability CVE-2022-23181 Correct documentation to warn of use over untrusted networks. CVE-2022-29885 Correct documentation showing use of XSS vulnerability. CVE-2022-343...

7.5CVSS6.7AI score0.73139EPSS
Exploits21References12
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/20 4:8 p.m.29 views

Security Bulletin: IBM UrbanCode Release is affected by CVE-2022-34305

Summary IBM UrbanCode Release is affected by CVE-2022-34305 Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the...

6.1CVSS6.1AI score0.06156EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 10:31 a.m.35 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to cross-site scripting due to Apache Tomcat (CVE-2022-34305)

Summary IBM Sterling Partner Engagement Manager has addressed a vulnerability published by Apache Tomcat for cross-site scripting. Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

6.1CVSS6.1AI score0.06156EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/20 7:5 a.m.30 views

Security Bulletin: IBM UrbanCode Build is affected by CVE-2022-34305

Summary IBM UrbanCode Build is affected by CVE-2022-34305 Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the...

6.1CVSS6.1AI score0.06156EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/08 12:0 a.m.32 views

Dell EMC NetWorker < 19.7.0.2 XSS (DSA-2022-341)

The version of Dell EMC NetWorker installed on the remote Windows host contains an embedded Apache Tomcat instance that is prior 9.0.65. It is, therefore, affected by a cross-site scripting XSS vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the...

6.1CVSS7.2AI score0.06156EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/20 12:0 a.m.26 views

Oracle MySQL Enterprise Monitor (Oct 2022 CPU)

The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Moment.js. Supported versions that...

7.5CVSS6.5AI score0.06156EPSS
Exploits1References5
NCSC
NCSC
added 2022/10/19 12:0 a.m.9 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the...

9.3CVSS7AI score0.42229EPSS
Exploits3
Kaspersky
Kaspersky
added 2022/08/28 12:0 a.m.38 views

KLA19260 XSS vulnerability in Apache Tomcat

Cross-site scripting XSS vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Apache Tomcat 8.5.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2022-34305 high Solution Update to the late...

6.1CVSS6.3AI score0.06156EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/08/16 12:0 a.m.32 views

FreeBSD : Tomcat -- XSS in examples web application (e2e7faf9-1b51-11ed-ae46-002b67dfc673)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e2e7faf9-1b51-11ed-ae46-002b67dfc673 advisory. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81...

6.1CVSS7.5AI score0.06156EPSS
Exploits0References3
Apache Tomcat
Apache Tomcat
added 2022/07/26 12:0 a.m.79 views

Fixed in Apache Tomcat 10.0.23

Low: Apache Tomcat XSS in examples web application CVE-2022-34305 The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. This was fixed with commit 1a7e95d9. This issue was reported to the Apache Tomcat Securit...

6.1CVSS6.2AI score0.06156EPSS
Exploits0Affected Software1
Kaspersky
Kaspersky
added 2022/07/26 12:0 a.m.37 views

KLA19262 XSS vulnerability in Apache Tomcat

Cross-site scripting XSS vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Apache Tomcat 10.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2022-34305 high Solution Update to the lates...

6.1CVSS6.3AI score0.06156EPSS
Exploits0References3
Apache Tomcat
Apache Tomcat
added 2022/07/20 12:0 a.m.90 views

Fixed in Apache Tomcat 9.0.65

Low: Apache Tomcat XSS in examples web application CVE-2022-34305 The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. This was fixed with commit 8b60af90. This issue was reported to the Apache Tomcat Securit...

6.1CVSS6.2AI score0.06156EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/15 5:52 a.m.31 views

Security Bulletin: The CVE-2022-34305 vulnerability in Apache Tomcat affects App Connect Professional.

Summary App Connect Professional have addressed the following vulnerability reported in Apache Tomcat. This vulnerability is addressed in App connect professional v7.5.5.0, customer can migrate to this version without incurring any additional cost. Vulnerability Details CVEID: CVE-2022-34305...

6.1CVSS0.1AI score0.06156EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/07/07 7:5 p.m.54 views

Confluence Apache Tomcat CVE-2022-34305

This is reproducible on Data Center: yes The current version of Tomcat 9.0.63 is bundled with Confluence 7.18.2 and Confluence 7.13.8 are vulnerable to CVE-2022-34305 https://vulners.com/cve/CVE-2022-34305 h3. Steps to Reproduce - h3. Expected Results - h3. Actual Results - h3. Workaround Manuall...

6.1CVSS6.3AI score0.06156EPSS
Exploits0
Atlassian
Atlassian
added 2022/06/28 2:48 p.m.248 views

Apache Tomcat CVE-2022-34305

h3. Issue Summary This is reproducible on Data Center: yes The current version of Tomcat 8.5.72 bundled with JIRA 8.22 and Tomcat 9.0.61 bundled with Jira 9 are vulnerable to CVE-2022-34305 https://vulners.com/cve/CVE-2022-34305 h3. Steps to Reproduce -- h3. Expected Results -- h3. Actual Results...

6.1CVSS6.6AI score0.06156EPSS
Exploits0
Circl
Circl
added 2022/06/26 3:24 a.m.3 views

CVE-2022-34305

creationtimestamp| type| source ---|---|--- 2022-06-26 03:24:35+00:00| seen| https://t.me/cKure/9826 2022-06-26 15:16:02+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6276 2025-12-17 21:03:01+00:00| seen|...

6.1CVSS7.5AI score0.06156EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/06/24 12:0 a.m.24 views

Apache Tomcat XSS Vulnerability (Jun 2022) - Linux

Apache Tomcat is prone to a cross-site scripting XSS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

6.1CVSS6.2AI score0.06156EPSS
Exploits0References1
CVE
CVE
added 2022/06/23 10:30 a.m.459 views

CVE-2022-34305

CVE-2022-34305 affects Apache Tomcat across multiple tracks: 10.1.0-M1..M16, 10.0.0-M1..10.0.22, 9.0.30..9.0.64, and 8.5.50..8.5.81, where the Form authentication example in the sample web app exposes XSS by displaying unsanitized user input. Root cause: user-provided data in the example form is ...

6.1CVSS6.3AI score0.06156EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder