com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3270 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)

com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3270 Source advisory: SNYK:JAVA-COMGITHUBPSIPROBE-15369739...

com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3269 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)

com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3269 Source advisory: SNYK:JAVA-COMGITHUBPSIPROBE-15369738...

com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3270 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)

com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3270 Source advisory: OSV:GHSA-429M-9874-RX9W...

com.github.psi-probe:psi-probe-tomcat10 (>=5.0.0 <=5.3.0), com.github.psi-probe:psi-probe-tomcat11 (>=5.0.0 <=5.3.0) +5 more potentially affected by CVE-2026-3269 via com.github.psi-probe:psi-probe-core (>=3.0.0 <=5.3.0)

com.github.psi-probe:psi-probe-core MAVEN version =3.0.0, =5.0.0, =5.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.3.0 Source cves: CVE-2026-3269 Source advisory: OSV:GHSA-RX6W-2W6H-R346...

MiracleLinux 7 : tomcat-7.0.76-15.el7 (AXSA:2020-627:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-627:03 advisory. tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS CVE-2020-13935 tomcat: session fixation when using FORM...

MiracleLinux 7 : tomcat-7.0.76-11.el7 (AXSA:2020-4508:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4508:01 advisory. tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability CVE-2020-1938 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 7 : tomcat-7.0.69-12.el7 (AXSA:2017-1748:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1748:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Ja...

MiracleLinux 7 : tomcat-7.0.76-2.el7 (AXSA:2017-1908:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1908:03 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Ja...

MiracleLinux 7 : tomcat-7.0.69-10.el7 (AXSA:2016-1116:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1116:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Ja...

Linux Distros Unpatched Vulnerability : CVE-2016-9774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The postinst script in the tomcat6 package before 6.0.45+dfsg-1deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; th...

Linux Distros Unpatched Vulnerability : CVE-2016-9775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The postrm script in the tomcat6 package before 6.0.45+dfsg-1deb7u3 on Debian wheezy, before 6.0.45+dfsg-1deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on...

USN-7282-1 tomcat7 vulnerabilities

It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code...

SUSE CVE-2014-0186

A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux RHEL 7 allows remote attackers to cause a denial of service CPU consumption via a crafted request. NOTE: this vulnerability exists because of an unspecified regression...

SUSE CVE-2012-4431

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery CSRF protection mechanism via a request that lacks a session identifier...

USN-4791-1 tomcat7 vulnerabilities

It was discovered that Apache Tomcat 7 did not protect applications from the presence of untrusted client data in an environment variable. A remote attacker could possible use this vulnerability to redirect the traffic to an arbitrary proxy and obtain sensitive information. CVE-2016-5388 It was...

PT-2020-4410

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.27 through 7.0.104 Apache Tomcat versions 8.5.0 through 8.5.56 Apache Tomcat versions 9.0.0.M1 through 9.0.36 Apache Tomcat versions 10.0.0-M1 through 10.0.0-M6 Description: The issue is related to the execution of ...

USN-3787-1 tomcat7, tomcat8 vulnerability

It was discovered that Tomcat incorrectly handled returning redirects to a directory. A remote attacker could possibly use this issue with a specially crafted URL to redirect to arbitrary URIs...

USN-3723-1 tomcat7, tomcat8 vulnerabilities

It was discovered that Tomcat incorrectly handled decoding certain UTF-8 strings. A remote attacker could possibly use this issue to cause Tomcat to crash, resulting in a denial of service. CVE-2018-1336 It was discovered that the Tomcat WebSocket client incorrectly performed hostname verificatio...

USN-3204-1 tomcat6, tomcat7 vulnerability

It was discovered that Tomcat incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to cause Tomcat to consume resources, resulting in a denial of service...

PT-2016-6402 · Apache +5 · Apache Tomcat +5

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.70 Apache Tomcat versions 8.0.0 through 8.5.4 Description: The issue allows remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header i...