Lucene search
K

11 matches found

Nuclei
Nuclei
added yesterday49 views

Apache Tomcat - HTTP Request Smuggling

Apache Tomcat from versions 8.5.0 to 8.5.93, 9.0.0-M1 to 9.0.81, 10.1.0-M1 to 10.1.13, and 11.0.0-M1 to 11.0.0-M11 contain an improper input validation caused by incorrect parsing of HTTP trailer headers, letting attackers craft headers to cause request smuggling, exploit requires sending malicio...

5.3CVSS6.7AI score0.05848EPSS
Exploits2References3
Snyk
Snyk
added 2025/09/23 5:37 p.m.7 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.3 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.6 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
OSV
OSV
added 2024/11/22 2:23 p.m.10 views

OESA-2024-2460 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

8.6CVSS6.8AI score0.99999EPSS
Exploits21References9
OSV
OSV
added 2024/11/15 12:20 p.m.10 views

OESA-2024-2405 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

8.6CVSS6.8AI score0.99999EPSS
Exploits20References8
OSV
OSV
added 2024/11/15 12:20 p.m.10 views

OESA-2024-2404 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

8.6CVSS6.8AI score0.99999EPSS
Exploits20References8
OSV
OSV
added 2024/11/15 12:20 p.m.10 views

OESA-2024-2403 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

8.6CVSS6.8AI score0.99999EPSS
Exploits20References8
OSV
OSV
added 2024/11/15 12:19 p.m.8 views

OESA-2024-2402 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

8.6CVSS6.8AI score0.99999EPSS
Exploits20References8
OSV
OSV
added 2024/02/14 2:2 p.m.12 views

SUSE-SU-2024:0472-1 Security update for tomcat

This update for tomcat fixes the following issues: Updated to Tomcat 9.0.85: - CVE-2023-45648: Improve trailer header parsing bsc1216118. - CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows bsc1216120. - CVE-2023-42795: Improve handling of failures during recycle methods...

7.8CVSS6.7AI score0.05848EPSS
Exploits2References13
OSV
OSV
added 2023/11/03 11:6 a.m.7 views

OESA-2023-1788 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

5.3CVSS7.5AI score0.05848EPSS
Exploits2References2
Rows per page
Query Builder