Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Tomcat9

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted elsewhere beyond the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not protected by the...

7.5CVSS7.9AI score0.03163EPSS
Exploits0References2
OSV
OSV
added 2025/08/29 12:40 p.m.3 views

SUSE-SU-2025:03024-1 Security update for tomcat

This update for tomcat fixes the following issues: Updated to 9.0.108: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318 -...

7.5CVSS5.8AI score0.03389EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.1 views

SUSE SLES15: tomcat11 / tomcat11-admin-webapps / tomcat11-doc / etc (SUSE-SU-2025:02979-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02979-1 advisory. Updated to Tomcat 11.0.9 - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations o...

7.5CVSS7.3AI score0.03163EPSS
Exploits0References9
SUSE Linux
SUSE Linux
added 2025/08/25 1:46 p.m.4 views

Security update for tomcat11

This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.9 - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318...

9.1CVSS8.2AI score0.03163EPSS
Exploits0References10
OSV
OSV
added 2025/08/25 1:46 p.m.2 views

SUSE-SU-2025:02979-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.9 - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References6
OSV
OSV
added 2025/08/25 1:45 p.m.3 views

SUSE-SU-2025:02978-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.43i: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc124631...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/08/20 3:40 p.m.3 views

tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources

A flaw has been discovered in path handling logic in Apache Tomcat. When using either PreResources or PostResources mounted on a non-root path, it is possible to access resources via an unexpected path. This may result in leaking of files on those paths...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/20 3:36 p.m.3 views

tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources

A flaw has been discovered in path handling logic in Apache Tomcat. When using either PreResources or PostResources mounted on a non-root path, it is possible to access resources via an unexpected path. This may result in leaking of files on those paths...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/28 1:54 p.m.5 views

tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources

A flaw has been discovered in path handling logic in Apache Tomcat. When using either PreResources or PostResources mounted on a non-root path, it is possible to access resources via an unexpected path. This may result in leaking of files on those paths...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References5
OSV
OSV
added 2025/06/16 3:32 p.m.2 views

GHSA-WC4R-XQ3C-5CF3 Apache Tomcat - Security constraint bypass for pre/post-resources

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

6.3CVSS7AI score0.03163EPSS
Exploits0References11
OSV
OSV
added 2025/06/16 3:15 p.m.2 views

DEBIAN-CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

7.5CVSS8AI score0.03163EPSS
Exploits0References1
NVD
NVD
added 2025/06/16 3:15 p.m.20 views

CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

7.5CVSS0.03163EPSS
Exploits0References3
OSV
OSV
added 2025/06/16 3:15 p.m.4 views

UBUNTU-CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

7.5CVSS7.1AI score0.03163EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/06/16 12:0 a.m.1 views

Apache Tomcat 安全漏洞

Apache Tomcat is a lightweight Web application server from the American Apache Apache Foundation. It is used to implement support for Servlets and JavaServer Page JSP. A security vulnerability exists in Apache Tomcat that stems from the possibility of bypassing security constraints when using...

7.5CVSS7.4AI score0.03163EPSS
Exploits0References4
Rows per page
Query Builder