41 matches found
Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2026-1673)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1673 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1...
Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2026-1672)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1672 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1...
Security Bulletin: IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat
Summary IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat. Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTION: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension...
Medium: tomcat
Issue Overview: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M1 through 9.0.115, from 8.5.0...
Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT9-2026-025 (ALASTOMCAT9-2026-025)
The version of tomcat installed on the remote host is prior to 9.0.117-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT9-2026-025 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via...
SUSE SLES15 Security Update : tomcat10 (SUSE-SU-2026:1603-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1603-1 advisory. Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...
Security update for tomcat
This update for tomcat fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...
SUSE-SU-2026:1604-1 Security update for tomcat
This update for tomcat fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...
SUSE-SU-2026:1603-1 Security update for tomcat10
This update for tomcat10 fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...
openSUSE 16 Security Update : tomcat10 (openSUSE-SU-2026:20612-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20612-1 advisory. - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...
openSUSE 16 Security Update : tomcat (openSUSE-SU-2026:20611-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20611-1 advisory. - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. -...
SUSE SLES15 Security Update : tomcat11 (SUSE-SU-2026:1558-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1558-1 advisory. Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...
openSUSE 16 Security Update : tomcat11 (openSUSE-SU-2026:20595-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20595-1 advisory. - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...
SUSE-SU-2026:1558-1 Security update for tomcat11
This update for tomcat11 fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...
SUSE-SU-2026:21379-1 Security update for tomcat10
This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...
SUSE-SU-2026:21378-1 Security update for tomcat
This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...
OPENSUSE-SU-2026:20612-1 Security update for tomcat10
This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...
OPENSUSE-SU-2026:20611-1 Security update for tomcat
This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...
SUSE-SU-2026:21366-1 Security update for tomcat11
This update for tomcat11 fixes the following issues: - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...
OESA-2026-1970 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Inconsistent Interpretation of...