RHEL 10 : tomcat9 (RHSA-2026:18536)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18536 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.0 security release

Red Hat JBoss Web Server 6.2 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.0 security release

Red Hat JBoss Web Server 6.2.0 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Linux Enterprise 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

Apache Tomcat 10.1.0-M1 < 10.1.41 CGI Security Constraint Bypass

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.105, 10.1.0-M1 prior to 10.1.41 or 11.0.0-M1 prior to 11.0.7. It is, therefore, affected by a CGI security sonstraint bypass. Note that the scanner has not attempted to exploit these issues but has instead relied...

Apache Tomcat CGI Security Constraint Bypass Vulnerability (May 2025) - Windows

Apache Tomcat is prone to a CGI security constraint bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

GHSA-H2FW-RFH5-95R3 Apache Tomcat - CGI security constraint bypass

Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1...

Fedora 40 : php (2024-2b429e720e)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2b429e720e advisory. PHP version 8.3.12 26 Sep 2024 CGI: Fixed bug GHSA-p99j-rfp4-xqvq Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8926 nielsdos...