3 matches found
Fixed in Apache Tomcat 9.0.113
Low: Security constraint bypass CVE-2026-24733 Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a specification invalid HEAD...
CVE-2025-57772
CVE-2025-57772 affects DataEase prior to 2.10.12. A H2 JDBC RCE bypass exists where the getJdbcUrl method can return the JdbcUrl parameter, bypassing H2 filtering and allowing the JDBC URL to specify the driver (e.g., driver: org.h2.Driver) for the connection. This leads to potential remote code ...
Radware Cloud Web Application Firewall 安全漏洞
Radware Cloud Web Application Firewall is a cloud-based web application firewall from Radware Israel. A security vulnerability exists in Radware Cloud Web Application Firewall versions prior to 2025-05-07, which originates in the HTTP GET method where the body of the HTTP request contains random...