24 matches found
CLEANSTART-2026-MR27796 Security fixes for CVE-2022-23181, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2025-31650, CVE-2025-31651 applied in versions: 10.1.53-r0, 9.0.58-r0, 9.0.63-r0, 9.0.64-r0, 9.0.68-r0, 9.0.70-r0, 9.0.71-r0, 9.0.73-r0, 9.0.80-r0
Multiple security vulnerabilities affect the tomcat10 package. These issues are resolved in later releases. See references for individual vulnerability details...
Linux Distros Unpatched Vulnerability : CVE-2022-34305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web...
Updated tomcat packages fix security vulnerability
Information disclosure due to concurrency bug CVE-2021-43980 Fix for CVE-2020-9484 introduced a time of check, time of use vulnerability CVE-2022-23181 Correct documentation to warn of use over untrusted networks. CVE-2022-29885 Correct documentation showing use of XSS vulnerability. CVE-2022-343...
Security Bulletin: IBM UrbanCode Release is affected by CVE-2022-34305
Summary IBM UrbanCode Release is affected by CVE-2022-34305 Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to cross-site scripting due to Apache Tomcat (CVE-2022-34305)
Summary IBM Sterling Partner Engagement Manager has addressed a vulnerability published by Apache Tomcat for cross-site scripting. Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Security Bulletin: IBM UrbanCode Build is affected by CVE-2022-34305
Summary IBM UrbanCode Build is affected by CVE-2022-34305 Vulnerability Details CVEID:CVE-2022-34305 DESCRIPTION: Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the...
Dell EMC NetWorker < 19.7.0.2 XSS (DSA-2022-341)
The version of Dell EMC NetWorker installed on the remote Windows host contains an embedded Apache Tomcat instance that is prior 9.0.65. It is, therefore, affected by a cross-site scripting XSS vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the...
Oracle MySQL Enterprise Monitor (Oct 2022 CPU)
The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Moment.js. Supported versions that...
Vulnerabilities fixed in Oracle Siebel CRM
Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the...
KLA19260 XSS vulnerability in Apache Tomcat
Cross-site scripting XSS vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Apache Tomcat 8.5.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2022-34305 high Solution Update to the late...
FreeBSD : Tomcat -- XSS in examples web application (e2e7faf9-1b51-11ed-ae46-002b67dfc673)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e2e7faf9-1b51-11ed-ae46-002b67dfc673 advisory. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81...
Fixed in Apache Tomcat 10.0.23
Low: Apache Tomcat XSS in examples web application CVE-2022-34305 The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. This was fixed with commit 1a7e95d9. This issue was reported to the Apache Tomcat Securit...
KLA19262 XSS vulnerability in Apache Tomcat
Cross-site scripting XSS vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Apache Tomcat 10.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2022-34305 high Solution Update to the lates...
Fixed in Apache Tomcat 9.0.65
Low: Apache Tomcat XSS in examples web application CVE-2022-34305 The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. This was fixed with commit 8b60af90. This issue was reported to the Apache Tomcat Securit...
Security Bulletin: The CVE-2022-34305 vulnerability in Apache Tomcat affects App Connect Professional.
Summary App Connect Professional have addressed the following vulnerability reported in Apache Tomcat. This vulnerability is addressed in App connect professional v7.5.5.0, customer can migrate to this version without incurring any additional cost. Vulnerability Details CVEID: CVE-2022-34305...
Confluence Apache Tomcat CVE-2022-34305
This is reproducible on Data Center: yes The current version of Tomcat 9.0.63 is bundled with Confluence 7.18.2 and Confluence 7.13.8 are vulnerable to CVE-2022-34305 https://vulners.com/cve/CVE-2022-34305 h3. Steps to Reproduce - h3. Expected Results - h3. Actual Results - h3. Workaround Manuall...
Apache Tomcat CVE-2022-34305
h3. Issue Summary This is reproducible on Data Center: yes The current version of Tomcat 8.5.72 bundled with JIRA 8.22 and Tomcat 9.0.61 bundled with Jira 9 are vulnerable to CVE-2022-34305 https://vulners.com/cve/CVE-2022-34305 h3. Steps to Reproduce -- h3. Expected Results -- h3. Actual Results...
CVE-2022-34305
creationtimestamp| type| source ---|---|--- 2022-06-26 03:24:35+00:00| seen| https://t.me/cKure/9826 2022-06-26 15:16:02+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6276 2025-12-17 21:03:01+00:00| seen|...
Apache Tomcat XSS Vulnerability (Jun 2022) - Linux
Apache Tomcat is prone to a cross-site scripting XSS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2022-34305
CVE-2022-34305 affects Apache Tomcat across multiple tracks: 10.1.0-M1..M16, 10.0.0-M1..10.0.22, 9.0.30..9.0.64, and 8.5.50..8.5.81, where the Form authentication example in the sample web app exposes XSS by displaying unsanitized user input. Root cause: user-provided data in the example form is ...