openSUSE Security Update : tomcat (openSUSE-2019-1808)

This update for tomcat to version 9.0.21 fixes the following issues : Security issues fixed : - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames bsc1131055. - CVE-2019-0221: Fixed a cross site scripting vulnerabilit...

Security update for tomcat (moderate)

openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2019:1808-1 Rating: moderate References: 1111966 1131055 1136085 Cross-References: CVE-2019-0199 CVE-2019-0221 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is no...

EulerOS 2.0 SP8 : tomcat (EulerOS-SA-2019-1772)

According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory...

CVE-2019-11713

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

CVE-2019-11713

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

Design/Logic Flaw

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

CVE-2019-11713

CVE-2019-11713 is a use-after-free in HTTP/2 when a cached stream is closed while still in use, leading to a potentially exploitable crash. Affected products include Firefox ESR < 60.8, Firefox < 68, and Thunderbird

CVE-2019-11713

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

CVE-2019-11713

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

CVE-2019-11713

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

openSUSE Security Update : tomcat (openSUSE-2019-1723)

This update for tomcat to version 9.0.21 fixes the following issues : Security issue fixed : - CVE-2019-0199: Added additional fixes to address HTTP/2 connection window exhaustion bsc1139924. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Networ...

Updated thunderbird packages fix security vulnerability

Sandbox escape via installation of malicious language pack. CVE-2019-9811 Script injection within domain through inner window reuse. CVE-2019-11711 Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects. CVE-2019-11712 Use-after-free with HTTP/2 cached stream...

openSUSE: Security Advisory for tomcat (openSUSE-SU-2019:1723-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:1723-1 Security update for tomcat

This update for tomcat to version 9.0.21 fixes the following issues: Security issue fixed: - CVE-2019-0199: Added additional fixes to address HTTP/2 connection window exhaustion bsc1139924. This update was imported from the SUSE:SLE-15:Update update project...

Security update for tomcat (moderate)

openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2019:1723-1 Rating: moderate References: 1139924 Cross-References: CVE-2019-0199 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for tomcat to...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:1869-1)

This update for MozillaFirefox, mozilla-nss fixes the following issues : MozillaFirefox to version ESR 60.8 : CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. CVE-2019-11712:...

Important: tomcat8

Issue Overview: The HTTP/2 implementation in Apache Tomcat accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O,...

Mozilla Thunderbird < 60.8

The version of Thunderbird installed on the remote Windows host is prior to 60.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-23 advisory. - A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use,...

Denial Of Service (DoS)

firefox is vulnerable to denial of service. A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash...

SUSE-SU-2019:1825-1 Security update for tomcat

This update for tomcat to version 9.0.21 fixes the following issues: Security issue fixed: - CVE-2019-0199: Added additional fixes to address HTTP/2 connection window exhaustion bsc1139924...