38 matches found
TencentOS Server 3: tomcat (TSSA-2024:0045)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0045 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 4: tomcat (TSSA-2024:0243)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0243 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Security Bulletin: IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities
Summary IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2002-0080 DESCRIPTION: rsync could allow a remote attacker to gain elevated privileges on the system. rsync fails to drop privileges for...
CLSA-2025-1741286028 Fix CVE(s): CVE-2023-42795
SECURITY UPDATE: Incomplete Cleanup vulnerability in Tomcat - debian/patches/CVE-2023-42795.patch: Improve handling of failures during recycle methods - CVE-2023-42795...
Linux Distros Unpatched Vulnerability : CVE-2023-42795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1...
CLSA-2025-1739387678 tomcat: Fix of CVE-2023-42795
CVE-2023-42795: improve handling of failures during recycle methods...
RHEL 6 : tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: EncryptInterceptor documentation mistake CVE-2022-29885 - tomcat: Open Redirect vulnerability in...
Oracle Linux 9 : tomcat (ELSA-2024-3307)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3307 advisory. - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves: RHEL-31032 tomcat: : Apache...
openSUSE Security Advisory (SUSE-SU-2024:0472-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2024:0472-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0472-1 advisory. Updated to Tomcat 9.0.85: - CVE-2023-45648: Improve trailer header parsing bsc1216118. - CVE-2023-42794: FileUpload:...
SUSE: Security Advisory (SUSE-SU-2024:0472-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2024-1166)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Apache Tomcat [CVE-2023-42795]
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Apache Tomcat, caused by an incomplete Cleanup vulnerability when recycling various internal objects CVE-2023-42795. Apache Tomcat is used as a component of our Speech...
Moderate: Red Hat Security Advisory: tomcat security update
An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 9 : tomcat (RHSA-2024:0474)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0474 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect...
F5 Networks BIG-IP : Apache Tomcat vulnerability (K000138178)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000138178 advisory. - Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.5)
The version of AOS installed on the remote host is prior to 6.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.5 advisory. - Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through...
Moderate: Red Hat Security Advisory: tomcat security update
An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 tomcat: improper...
Security Bulletin: IBM DevOps Build 7.0.0 addresses multiple vulnerabilities.
Summary IBM DevOps Build 7.0.0 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially crafted invalid trailer header, an attacker...