237 matches found

Fedora
added 2017/04/27 7:54 p.m. | 44 views

[SECURITY] Fedora 25 Update: tomcat-8.0.43-1.fc25

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

9.8 CVSS | 2.8 AI score | 0.1684 EPSS
Exploits: 0

OpenVAS
added 2017/03/18 12:0 a.m. | 59 views

CentOS Update for tomcat6 CESA-2017:0527 centos6

Check the version of tomcat6 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882682");...

7.5 CVSS | 7.2 AI score | 0.39633 EPSS
Exploits: 5 | References: 2

RedHat Linux
added 2017/03/15 1:1 p.m. | 113 views

Moderate: Red Hat Security Advisory: tomcat6 security update

An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5 CVSS | 7 AI score | 0.39633 EPSS
Exploits: 5 | References: 3

Fedora
added 2017/03/01 1:21 a.m. | 41 views

[SECURITY] Fedora 24 Update: tomcat-8.0.41-1.fc24

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

7.5 CVSS | 2.8 AI score | 0.16038 EPSS
Exploits: 0

Fedora
added 2016/12/14 9:31 p.m. | 45 views

[SECURITY] Fedora 25 Update: tomcat-8.0.39-1.fc25

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

9.8 CVSS | 2.8 AI score | 0.90338 EPSS
Exploits: 7

Cent OS
added 2016/11/25 3:49 p.m. | 93 views

tomcat security update

CentOS Errata and Security Advisory CESA-2016:2599 An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

8.8 CVSS | 7 AI score | 0.35927 EPSS
Exploits: 0 | References: 7

OpenVAS
added 2016/11/21 12:0 a.m. | 45 views

Debian Security Advisory DSA 3720-1 (tomcat8 - security update)

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrite...

5 CVSS | 0.1 AI score | 0.10303 EPSS
Exploits: 5 | References: 1

RedHat Linux
added 2016/11/03 8:12 a.m. | 73 views

Moderate: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8 CVSS | 7 AI score | 0.35927 EPSS
Exploits: 0 | References: 22

0day.today
added 2016/10/01 12:0 a.m. | 114 views

Apache Tomcat on Debian-Based Distros - Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits. Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-1240 - Release date: 30.09.2016 - Revision: 1 - Severity: High...

7.2 CVSS | 0.09783 EPSS
Exploits: 8

Fedora
added 2016/06/30 9:31 p.m. | 37 views

[SECURITY] Fedora 24 Update: struts-1.3.10-18.fc24

Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...

8.2 CVSS | 1.5 AI score | 0.2593 EPSS
Exploits: 0

Fedora
added 2016/06/30 7:54 p.m. | 35 views

[SECURITY] Fedora 23 Update: struts-1.3.10-18.fc23

Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm,...

8.2 CVSS | 1.5 AI score | 0.2593 EPSS
Exploits: 0

OSV
added 2016/04/21 11:0 a.m. | 4 views

CVE-2016-3438

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to JRAD Heartbeat. NOTE: the previous information is from the April 2016 CPU. Oracle has...

8.2 CVSS | 7.3 AI score | 0.02134 EPSS
Exploits: 0 | References: 5

OpenVAS
added 2016/03/24 12:0 a.m. | 34 views

CentOS Update for tomcat6 CESA-2016:0492 centos6

Check the version of tomcat6 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882434");...

5 CVSS | 6.2 AI score | 0.13872 EPSS
Exploits: 0 | References: 2

Cent OS
added 2016/03/23 1:9 p.m. | 68 views

tomcat6 security update

CentOS Errata and Security Advisory CESA-2016:0492 Updated tomcat6 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base...

5 CVSS | 6.6 AI score | 0.13872 EPSS
Exploits: 0 | References: 7

Tenable Nessus
added 2016/03/23 12:0 a.m. | 38 views

RHEL 6 : tomcat6 (RHSA-2016:0492)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0492 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that the expression language resolver...

5 CVSS | 6.5 AI score | 0.13872 EPSS
Exploits: 0 | References: 7

OpenVAS
added 2016/03/23 12:0 a.m. | 39 views

RedHat Update for tomcat6 RHSA-2016:0492-01

The remote host is missing an update for the Copyright (C) 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5 CVSS | 7 AI score | 0.13872 EPSS
Exploits: 0 | References: 2

OSV
added 2016/02/27 12:0 a.m. | 46 views

DLA-435-1 tomcat6 - security update

Bulletin has no description...

8.8 CVSS | 6.9 AI score | 0.1838 EPSS
Exploits: 0

OpenVAS
added 2016/01/17 12:0 a.m. | 46 views

Debian Security Advisory DSA 3447-1 (tomcat7 - security update)

It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section. OpenVAS Vulnerability Test $Id: deb3447.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from...

7.8 CVSS | 0.6 AI score | 0.21045 EPSS
Exploits: 1 | References: 1

ATTACKERKB
added 2015/10/28 10:59 a.m. | 5 views

CVE-2015-7904

Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file...

6.5 CVSS | 6.1 AI score | 0.02783 EPSS
Exploits: 1 | References: 2

NVD
added 2015/09/04 1:59 a.m. | 22 views

CVE-2015-6259

The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and...

9.4 CVSS | 6.8 AI score | 0.02817 EPSS
Exploits: 0 | References: 2