
243 matches found

Nuclei
added 17 hours ago | 15 views

Apache Tomcat Examples Web Application - Cross-Site Scripting

Apache Tomcat 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22, and 10.1.0-M1 to 10.1.0-M16 contain a reflected cross-site scripting caused by displaying unfiltered user data in the Form authentication example, letting attackers execute scripts in victim browsers, exploit requires attacke...

CVSS 6.1 | AI score 6.8 | EPSS 0.17371
Exploits: 0 | References: 4
AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in tomcat9

URL redirection to untrusted sites “open redirect” vulnerability in FORM authentication with Apache Tomcat. This issue affects Apache Tomcat versions as follows: 11.0.0-M1 through 11.0.0-M10, 10.1.0-M1 through 10.0.12, 9.0.0-M1 through 9.0.79, and 8.5.0 through 8.5.92. Older, end-of-life versions...

CVSS 6.1 | AI score 6.8 | EPSS 0.11586
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 4 : tomcat6-6.0.24-48.AXS4 (AXSA:2013-27:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-27:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet...

CVSS 4.3 | AI score 7.1 | EPSS 0.02215
Exploits: 1 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-3227

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.00727
Exploits: 0 | References: 12
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-5963

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 7.8 | EPSS 0.17371
Exploits: 0 | References: 7
Tenable Nessus
added 2025/08/30 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-46750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability when form authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or...

CVSS 6.1 | AI score 7 | EPSS 0.00201
Exploits: 0 | References: 3
RedHat Linux
added 2025/04/28 12:20 a.m. | 2 views

undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 5.7 | EPSS 0.00727
Exploits: 0 | References: 4
Tenable Nessus
added 2024/11/13 12:0 a.m. | 20 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Tomcat vulnerabilities (USN-7106-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7106-1 advisory. It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with request...

CVSS 6.3 | AI score 7.1 | EPSS 0.62079
Exploits: 2 | References: 6
ATTACKERKB
added 2024/11/07 10:15 a.m. | 3 views

CVE-2023-1973

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 7 | EPSS 0.00727
Exploits: 0 | References: 9
OSV
added 2024/11/07 10:15 a.m. | 2 views

DEBIAN-CVE-2023-1973

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 7.2 | EPSS 0.00727
Exploits: 0 | References: 1
RedHat Linux
added 2024/05/08 2:25 p.m. | 2 views

undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 5.7 | EPSS 0.00727
Exploits: 0 | References: 4
RedHat Linux
added 2024/05/08 2:17 p.m. | 2 views

undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 5.7 | EPSS 0.00727
Exploits: 0 | References: 4
RedHat Linux
added 2024/04/04 3:23 p.m. | 2 views

undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 5.7 | EPSS 0.00727
Exploits: 0 | References: 4
RedHat Linux
added 2024/04/04 3:23 p.m. | 1 view

undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | AI score 5.7 | EPSS 0.00727
Exploits: 0 | References: 4
RedHat Linux
added 2024/03/18 2:52 p.m. | 4 views

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

CVSS 6.1 | AI score 7.2 | EPSS 0.11586
Exploits: 0 | References: 5
RedHat Linux
added 2024/03/18 2:42 p.m. | 5 views

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

CVSS 6.1 | AI score 7.2 | EPSS 0.11586
Exploits: 0 | References: 5
OSV
added 2024/03/06 11:9 a.m. | 30 views

BIT-TOMCAT-2022-34305 XSS in examples web application

In Apache Tomcat 10.1.0 to 10.1.0, 10.0.0 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 6.9 | EPSS 0.17371
Exploits: 0 | References: 5
Positive Technologies
added 2024/02/27 12:0 a.m. | 2 views

PT-2024-2115 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.2.0 through 6.2.15 Fortinet FortiOS versions 6.4.0 through 6.4.14 Fortinet FortiOS versions 7.0.0 through 7.0.12 Fortinet FortiOS versions 7.2.0 through 7.2.5 Fortinet FortiOS versions 7.4.0 through 7.4.1 FortiProx...

CVSS 8.1 | AI score 8.6 | EPSS 0.00131
Exploits: 0 | References: 19
OSV
added 2024/01/25 12:0 a.m. | 37 views

ALSA-2024:0474 Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 tomcat: improper...

CVSS 6.1 | AI score 6.7 | EPSS 0.62079
Exploits: 2 | References: 10
RedHat Linux
added 2024/01/10 11:32 a.m. | 3 views

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

CVSS 6.1 | AI score 7.2 | EPSS 0.11586
Exploits: 0 | References: 5