5 matches found
MiracleLinux 7 : tomcat-7.0.76-12.el7 (AXSA:2020-138:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-138:02 advisory. tomcat: deserialization flaw in session persistence storage leading to RCE CVE-2020-9484 Tenable has extracted the preceding description block directly from t...
MiracleLinux 7 : tomcat-7.0.76-16.0.1.el7.AXS7 (AXSA:2024-8731:12)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8731:12 advisory. Fix file path bug introduced by the CVE-2021-25329 fix CVEs: CVE-2021-25329 The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to...
MiracleLinux 7 : tomcat-7.0.54-8.el7 (AXSA:2016-704:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-704:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...
UBUNTU-CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances...
PT-2014-2453 · Apache · Apache Tomcat
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.x Description: The issue allows local users to potentially obtain sensitive information by reading files due to world-readable permissions for the log directory and its files. However, one Tomcat distributor claims th...