Lucene search
K

201 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS7AI score0.21691EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added yesterday4 views

Important: Red Hat Security Advisory: tomcat security, bug fix, and enhancement update

An update for tomcat is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7AI score0.21691EPSS
Exploits6References4
Rockylinux
Rockylinux
added 4 days ago6 views

tomcat9 security, bug fix, and enhancement update

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...

7.5CVSS6.2AI score0.21691EPSS
Exploits6
RedHat Linux
RedHat Linux
added 5 days ago7 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 6 days ago5 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 6 days ago6 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 6 days ago6 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS6.1AI score0.21691EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 6 days ago7 views

Important: Red Hat Security Advisory: tomcat9 security, bug fix, and enhancement update

An update for tomcat9 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.2AI score0.21691EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 6 days ago5 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References5
GithubExploit
GithubExploit
added 2026/05/11 2:7 p.m.138 views

Exploit for Missing Encryption of Sensitive Data in Apache Tomcat

CVE-2026-34486 EncryptInterceptor fail-open bypass in Apache...

7.5CVSS6AI score0.21691EPSS
Exploits6
Redos
Redos
added 2026/04/20 12:0 a.m.6 views

ROS-20260420-73-0010

A vulnerability in the crypto/modes/ocb128.c component of the OpenSSL TLS and SSL protocols toolkit is related to the lack of a required encryption step. Exploitation of the vulnerability could allow an attacker to gain access to confidential data and compromise its integrity...

4CVSS6.4AI score0.00115EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/04/15 7:30 a.m.171 views

Exploit for Missing Encryption of Sensitive Data in Apache Tomcat

CVE-2026-34486 Apache Tomcat EncryptInterceptor Bypass Vulnera...

7.5CVSS7.4AI score0.21691EPSS
Exploits6
GithubExploit
GithubExploit
added 2026/04/15 6:46 a.m.111 views

Exploit for Missing Encryption of Sensitive Data in Apache Tomcat

No d...

7.5CVSS5.8AI score0.21691EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2026/04/10 7:7 a.m.10 views

CVE-2026-34486

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS5.8AI score0.21691EPSS
Exploits6References4
Vulnrichment
Vulnrichment
added 2026/04/09 7:35 p.m.3 views

CVE-2026-34486 Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

5.8AI score0.21691EPSS
Exploits6References1
Debian CVE
Debian CVE
added 2026/04/09 7:35 p.m.5 views

CVE-2026-34486

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

7.5CVSS5.6AI score0.21691EPSS
Exploits6
ATTACKERKB
ATTACKERKB
added 2026/04/09 7:35 p.m.5 views

CVE-2026-34486

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

5.8AI score0.21691EPSS
Exploits6References2Affected Software1
Snyk
Snyk
added 2026/04/08 9:0 p.m.6 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the EncryptInterceptor's messageReceived method. An attacker can gain unauthorized access to sensitive data by bypassing EncryptInterceptor to intercept unencrypted communications. Note: This is d...

8.7CVSS6AI score0.21691EPSS
Exploits6References2
Snyk
Snyk
added 2026/04/03 4:2 a.m.2 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 4:2 a.m.4 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Rows per page
Query Builder