Lucene search
K

47 matches found

RedHat Linux
RedHat Linux
added 2026/07/08 4:38 p.m.1 views

Apache Tomcat: Apache Tomcat: Configured cipher preference order not preserved

A flaw was found in Apache Tomcat. This vulnerability occurs when the configured cipher preference order is not preserved. This could allow an attacker to bypass intended security configurations, potentially leading to a weakened security posture or information disclosure...

7.5CVSS6.1AI score0.00259EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.8 views

tomcat security update

1:9.0.117-1 - Resolves: RHEL-150714 Certificate revocation bypass due to improper OCSP response validation - Resolves: Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled CVE-2026-34500 - Resolves: Tomcat: Cloud membership for clustering component exposed the Kubernet...

9.6CVSS7.2AI score0.21691EPSS
Exploits9
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 12:39 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in tomcat-embed-core-9.0.115.jar

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in tomcat-embed-core-9.0.115.jar Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTION: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. Th...

9.1CVSS6.1AI score0.0504EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:42 p.m.5 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Apache Tomcat has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

9.1CVSS6.7AI score0.0504EPSS
Exploits3Affected Software2
F5 Networks
F5 Networks
added 2026/06/05 6:59 a.m.25 views

K000161596: Multiple Apache Tomcat vulnerabilities

Security Advisory Description CVE-2026-25854 Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through...

9.1CVSS5.8AI score0.0504EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.19 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2026-1672)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1672 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1...

9.1CVSS6AI score0.0504EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.13 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2026-1673)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1673 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1...

9.1CVSS6AI score0.0504EPSS
Exploits3References20
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/14 2:9 p.m.14 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat

Summary IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat. Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTION: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension...

9.1CVSS6AI score0.0504EPSS
Exploits3Affected Software1
Amazon
Amazon
added 2026/04/30 12:0 a.m.12 views

Medium: tomcat

Issue Overview: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M1 through 9.0.115, from 8.5.0...

9.1CVSS5.7AI score0.0504EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.16 views

Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT9-2026-025 (ALASTOMCAT9-2026-025)

The version of tomcat installed on the remote host is prior to 9.0.117-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT9-2026-025 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via...

9.1CVSS7.3AI score0.0504EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.8 views

SUSE SLES15 Security Update : tomcat10 (SUSE-SU-2026:1603-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1603-1 advisory. Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...

9.1CVSS8.8AI score0.21691EPSS
Exploits8References32
SUSE Linux
SUSE Linux
added 2026/04/24 11:48 a.m.6 views

Security update for tomcat

This update for tomcat fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...

8.7CVSS5.6AI score0.0504EPSS
Exploits1References40
OSV
OSV
added 2026/04/24 11:48 a.m.6 views

SUSE-SU-2026:1604-1 Security update for tomcat

This update for tomcat fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...

9.1CVSS5.4AI score0.21691EPSS
Exploits8References21
OSV
OSV
added 2026/04/24 11:47 a.m.5 views

SUSE-SU-2026:1603-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...

9.1CVSS5.4AI score0.21691EPSS
Exploits8References21
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.13 views

openSUSE 16 Security Update : tomcat (openSUSE-SU-2026:20611-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20611-1 advisory. - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. -...

9.1CVSS5.6AI score0.21691EPSS
Exploits8References31
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.6 views

openSUSE 16 Security Update : tomcat10 (openSUSE-SU-2026:20612-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20612-1 advisory. - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...

9.1CVSS5.6AI score0.21691EPSS
Exploits8References31
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.5 views

SUSE SLES15 Security Update : tomcat11 (SUSE-SU-2026:1558-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1558-1 advisory. Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...

9.1CVSS8.7AI score0.21691EPSS
Exploits8References32
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.8 views

openSUSE 16 Security Update : tomcat11 (openSUSE-SU-2026:20595-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20595-1 advisory. - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...

9.1CVSS5.8AI score0.21691EPSS
Exploits8References31
OSV
OSV
added 2026/04/22 4:24 p.m.7 views

SUSE-SU-2026:1558-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...

9.1CVSS8.5AI score0.21691EPSS
Exploits8References21
OSV
OSV
added 2026/04/22 11:9 a.m.4 views

SUSE-SU-2026:21379-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...

9.1CVSS7.4AI score0.21691EPSS
Exploits8References21
Rows per page
Query Builder