Lucene search
K

4 matches found

OSV
OSV
added 2024/03/06 11:9 a.m.36 views

BIT-TOMCAT-2022-42252 Apache Tomcat request smuggling via malformed content-length

If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0 to 9.0.67, 10.0.0 to 10.0.26 or 10.1.0 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false the default for 8.5.x only, Tomcat did not reject a request containing an invalid Content-Length header making a request...

7.5CVSS6.7AI score0.01448EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/02/28 12:0 a.m.168 views

Apache Tomcat 8.5.x < 8.5.51 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 or 7.0.0 to 7.0.99. It is, therefore, affected by multiple vulnerabilities : - An arbitrary file read vulnerability in AJP protocol due to an implementation defect which could also be leveraged to...

9.8CVSS6.5AI score0.9927EPSS
Exploits45References4
Kaspersky
Kaspersky
added 2019/02/08 12:0 a.m.36 views

KLA11494 DOS vulnerability in Apache Tomcat

Incorrect requests handling int Apache HTTP/2. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 8.x Security Vulnerabilities Related products Apache-Tomcat CVE list CVE-2019-0199 warning Solution Update to the latest version Download...

7.5CVSS6.8AI score0.72855EPSS
Exploits0References3
NVD
NVD
added 2016/07/04 10:59 p.m.21 views

CVE-2016-3092

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service CPU consumption via a long boundary string...

7.8CVSS7.4AI score0.35927EPSS
Exploits0References49
Rows per page
Query Builder