Lucene search
K

8 matches found

Apache Tomcat
Apache Tomcat
added 2022/11/14 12:0 a.m.154 views

Fixed in Apache Tomcat 9.0.69

Low: Apache Tomcat JsonErrorReportValve injection CVE-2022-45143 The JsonErrorReportValve did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS7.5AI score0.02505EPSS
Exploits0Affected Software1
Apache Tomcat
Apache Tomcat
added 2020/11/17 12:0 a.m.54 views

Fixed in Apache Tomcat 10.0.0-M10

Important: Information disclosure CVE-2021-24122 When serving resources from a network location using the NTFS file system it was possible to bypass security constraints and/or view the source code for JSPs in some configurations. The root cause was the unexpected behaviour of the JRE API...

7.5CVSS6.9AI score0.24622EPSS
Exploits0Affected Software1
Apache Tomcat
Apache Tomcat
added 2019/11/21 12:0 a.m.77 views

Fixed in Apache Tomcat 8.5.49

Note: The issue below was fixed in Apache Tomcat 8.0.48 but the release vote for the 8.0.48 release candidate did not pass. Therefore, although users must download 8.0.49 to obtain a version that includes the fix for this issue, version 8.0.48 is not included in the list of affected versions...

7CVSS7.3AI score0.37618EPSS
Exploits0Affected Software1
Apache Tomcat
Apache Tomcat
added 2017/05/10 12:0 a.m.65 views

Fixed in Apache Tomcat 8.5.15

Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...

7.5CVSS7.6AI score0.16567EPSS
Exploits1Affected Software1
Apache Tomcat
Apache Tomcat
added 2017/04/02 12:0 a.m.73 views

Fixed in Apache Tomcat 7.0.77

Important: Information Disclosure CVE-2017-5647 A bug in the handling of the pipelined requests when send file was used resulted in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong...

7.5CVSS8.3AI score0.1684EPSS
Exploits0Affected Software1
Apache Tomcat
Apache Tomcat
added 2017/03/13 12:0 a.m.82 views

Fixed in Apache Tomcat 9.0.0.M18

Low: Information Disclosure CVE-2017-5648 While investigating bug 60718, it was noticed that some calls to application listeners did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to...

9.1CVSS9.2AI score0.13225EPSS
Exploits0Affected Software1
Apache Tomcat
Apache Tomcat
added 2013/09/23 12:0 a.m.36 views

Fixed in Apache Tomcat 8.0.0-RC3

Note: The issue below was fixed in Apache Tomcat 8.0.0-RC2 but the release vote for 8.0.0-RC2 did not pass. Therefore, although users must download 8.0.0-RC3 to obtain a version that includes a fix for this issue, version 8.0.0-RC2 is not included in the list of affected versions. Important:...

6.3AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2011/09/26 12:0 a.m.80 views

[SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.11 - - Tomcat 6.0.0 to 6.0.32 - - Tomcat 5.5.0 to 5.5.33 - - Earlier,...

5CVSS0.3AI score0.0854EPSS
Exploits0
Rows per page
Query Builder