Lucene search
K

239 matches found

RedHat Linux
RedHat Linux
added 2025/12/10 2:55 p.m.7 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.7AI score0.66535EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2025/12/10 2:52 p.m.7 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.7AI score0.66535EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2025/12/10 2:44 p.m.4 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.7AI score0.66535EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2025/12/10 2:39 p.m.6 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.7AI score0.66535EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2025/12/09 3:25 p.m.7 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.7AI score0.66535EPSS
Exploits4References6
OSV
OSV
added 2025/12/01 6:59 p.m.4 views

GHSA-53GX-J3P6-2RW9 XWiki Jetty Package (XJetty) allows accessing any application file through URL

Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...

8.7CVSS6.9AI score0.01378EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/11/06 4:24 p.m.4 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.1AI score0.66535EPSS
Exploits4References6
Veracode
Veracode
added 2025/10/30 1:44 p.m.38 views

Relative Path Traversal

Apache Tomcat is vulnerable to Path Traversal. The vulnerability is due to the rewritten URL being normalized before it was decoded. This allows an attackers to manipulate the request URI and, if PUT is enabled, upload malicious files to bypass security constraints protecting /WEB-INF/ and...

7.5CVSS7.9AI score0.66535EPSS
Exploits4References13Affected Software3
OSV
OSV
added 2025/10/27 6:31 p.m.7 views

GHSA-WMWF-9CCG-FFF5 Apache Tomcat Vulnerable to Relative Path Traversal

The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the...

7.7CVSS7.1AI score0.66535EPSS
Exploits4References13
Snyk
Snyk
added 2025/10/27 6:31 p.m.8 views

Relative Path Traversal

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Relative Path Traversal via the URL normalization. An attacker can bypass security constraints and access restricted directories suc...

7.7CVSS9AI score0.66535EPSS
Exploits4References2
Github Security Blog
Github Security Blog
added 2025/10/27 6:31 p.m.17 views

Apache Tomcat Vulnerable to Relative Path Traversal

The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the...

7.5CVSS9.3AI score0.66535EPSS
Exploits4References13Affected Software3
NVD
NVD
added 2025/10/27 6:15 p.m.17 views

CVE-2025-55752

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

7.5CVSS0.66535EPSS
Exploits4References5
OSV
OSV
added 2025/10/27 6:15 p.m.4 views

UBUNTU-CVE-2025-55752

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

7.5CVSS7.3AI score0.66535EPSS
Exploits4References6
OSV
OSV
added 2025/10/27 5:29 p.m.9 views

CVE-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

7.5CVSS7.3AI score0.66535EPSS
Exploits4References7
EUVD
EUVD
added 2025/10/27 5:29 p.m.8 views

EUVD-2025-36224

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

7.5CVSS7.3AI score0.66535EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1835

Malware in sbrugna...

5CVSS7.5AI score0.03709EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1834

Malware in sbrugna...

5CVSS7.5AI score0.02178EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-1838

Malware in sbrugna...

5CVSS7.5AI score0.02519EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-21819

Malware in sbrugna...

5.3CVSS6AI score0.01144EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2002-1839

Malware in sbrugna...

5CVSS7.5AI score0.02119EPSS
Exploits0References5
Rows per page
Query Builder