Lucene search
+L

47 matches found

OSV
OSV
added 2026/04/22 11:7 a.m.6 views

SUSE-SU-2026:21378-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...

9.1CVSS7.4AI score0.21691EPSS
Exploits8References21
OSV
OSV
added 2026/04/22 10:52 a.m.7 views

OPENSUSE-SU-2026:20611-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...

9.1CVSS8.6AI score0.21691EPSS
Exploits8References20
OSV
OSV
added 2026/04/22 10:52 a.m.8 views

OPENSUSE-SU-2026:20612-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...

9.1CVSS5.3AI score0.21691EPSS
Exploits8References20
OSV
OSV
added 2026/04/21 11:42 a.m.6 views

SUSE-SU-2026:21366-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...

9.1CVSS7.4AI score0.21691EPSS
Exploits8References21
OSV
OSV
added 2026/04/17 1:2 p.m.15 views

OESA-2026-1970 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Inconsistent Interpretation of...

9.1CVSS5.7AI score0.21691EPSS
Exploits8References11
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.17 views

Apache Tomcat 10.1.50 < 10.1.53 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 10.1.53. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.53security-10 advisory. - CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled...

9.1CVSS6.4AI score0.0504EPSS
Exploits3References14
OSV
OSV
added 2026/04/13 5:53 a.m.4 views

BIT-TOMCAT-2026-29129 Apache Tomcat: TLS cipher order is not preserved

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References3
OSV
OSV
added 2026/04/12 5:23 a.m.7 views

MGASA-2026-0095 Updated tomcat packages fix security vulnerabilities

Request smuggling via invalid chunk extension. CVE-2026-24880 Occasionally open redirect. CVE-2026-25854 TLS cipher order is not preserved. CVE-2026-29129 OCSP checks sometimes soft-fail even when soft-fail is disabled. CVE-2026-29145 EncryptInterceptor vulnerable to padding oracle attack by...

9.1CVSS5.8AI score0.21691EPSS
Exploits8References12
SUSE CVE
SUSE CVE
added 2026/04/10 11:26 p.m.5 views

SUSE CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

4.8CVSS5.8AI score0.00259EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/09 9:31 p.m.4 views

EUVD-2026-21010

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

5.8AI score0.00259EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 9:31 p.m.3 views

GHSA-69CC-CV78-QC8G Apache Tomcat: Configured cipher preference order not preserved

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References10
NVD
NVD
added 2026/04/09 8:16 p.m.6 views

CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS0.00259EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 8:16 p.m.16 views

DEBIAN-CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.2AI score0.00259EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 8:16 p.m.3 views

CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 8:16 p.m.5 views

UBUNTU-CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 7:19 p.m.24 views

CVE-2026-29129 Apache Tomcat: TLS cipher order is not preserved

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/09 7:19 p.m.3 views

CVE-2026-29129 Apache Tomcat: TLS cipher order is not preserved

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

5.8AI score0.00259EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 7:19 p.m.9 views

CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

5.8AI score0.00259EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/09 7:19 p.m.52 views

CVE-2026-29129

CVE-2026-29129 is a vulnerability in Apache Tomcat where the configured cipher preference order is not preserved. It affects Tomcat versions 11.0.16–11.0.18, 10.1.51–10.1.52, and 9.0.114–9.0.115, per multiple sources (NVD, Debian security advisories, EUVD). The issue can impact confidentiality (C...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/09 7:19 p.m.5 views

CVE-2026-29129

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.2AI score0.00259EPSS
Exploits0
Rows per page
Query Builder