Lucene search
K

13 matches found

OSV
OSV
added 5 days ago8 views

ROOT-APP-MAVEN-CVE-2026-29129 CVE-2026-29129 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2026-29129 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.2AI score0.00259EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/13 4:45 p.m.18 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.18.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.18.jar Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTION: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This...

9.1CVSS5.8AI score0.00715EPSS
Exploits1Affected Software1
SUSE Linux
SUSE Linux
added 2026/04/24 11:48 a.m.6 views

Security update for tomcat

This update for tomcat fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...

8.7CVSS5.6AI score0.03494EPSS
Exploits1References40
SUSE Linux
SUSE Linux
added 2026/04/24 11:47 a.m.7 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...

8.7CVSS5.6AI score0.15831EPSS
Exploits5References40
SUSE Linux
SUSE Linux
added 2026/04/23 3:52 p.m.10 views

Security update for tomcat

This update for tomcat fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...

8.7CVSS7.4AI score0.15831EPSS
Exploits6References40
OSV
OSV
added 2026/04/23 3:52 p.m.7 views

SUSE-SU-2026:1572-1 Security update for tomcat

This update for tomcat fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...

9.1CVSS8.5AI score0.15831EPSS
Exploits6References21
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/23 12:0 a.m.11 views

Security update for tomcat10 (important)

openSUSE security update: security update for tomcat10 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20612-1 Rating: important References: bsc1258371 bsc1261850 bsc1261851 bsc1261852 bsc1261853 bsc1261854 bsc1261855 bsc1261856 bsc1261857...

8.7CVSS7.4AI score0.15831EPSS
Exploits5References9
OSV
OSV
added 2026/04/21 11:43 a.m.16 views

OPENSUSE-SU-2026:20595-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...

9.1CVSS7.4AI score0.15831EPSS
Exploits6References20
OSV
OSV
added 2026/04/17 1:2 p.m.13 views

OESA-2026-1970 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Inconsistent Interpretation of...

9.1CVSS5.7AI score0.15831EPSS
Exploits6References11
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/15 12:0 a.m.5 views

tomcat-9.0.117-1.1 on GA media (moderate)

tomcat-9.0.117-1.1 on GA media Announcement ID: openSUSE-SU-2026:10547-1 Rating: moderate Cross-References: CVE-2026-24880 CVE-2026-25854 CVE-2026-29129 CVE-2026-29145 CVE-2026-29146 CVE-2026-32990 CVE-2026-34483 CVE-2026-34486 CVE-2026-34487 CVE-2026-34500 CVSS scores: CVE-2026-24880 SUSE : 4.8...

8.7CVSS5.8AI score0.15831EPSS
Exploits6
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/15 12:0 a.m.6 views

tomcat11-11.0.21-1.1 on GA media (moderate)

tomcat11-11.0.21-1.1 on GA media Announcement ID: openSUSE-SU-2026:10549-1 Rating: moderate Cross-References: CVE-2026-24880 CVE-2026-25854 CVE-2026-29129 CVE-2026-29145 CVE-2026-29146 CVE-2026-32990 CVE-2026-34483 CVE-2026-34486 CVE-2026-34487 CVE-2026-34500 CVSS scores: CVE-2026-24880 SUSE : 4....

8.7CVSS7AI score0.15831EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-29129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51...

7.5CVSS5.4AI score0.00259EPSS
Exploits0References3
CVE
CVE
added 2026/04/09 7:19 p.m.39 views

CVE-2026-29129

CVE-2026-29129 is a vulnerability in Apache Tomcat where the configured cipher preference order is not preserved. It affects Tomcat versions 11.0.16–11.0.18, 10.1.51–10.1.52, and 9.0.114–9.0.115, per multiple sources (NVD, Debian security advisories, EUVD). The issue can impact confidentiality (C...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder