
7 matches found

Tenable Nessus
added 2021/09/14 12:0 a.m., 43 views

EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2021-2435)

According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39,...

CVSS 7.5, AI score 7, EPSS 0.56636
Exploits 15, References 3
Github Security Blog
added 2021/03/19 8:11 p.m., 73 views

Potential remote code execution in Apache Tomcat

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the...

CVSS 7, AI score 2.4, EPSS 0.56636
Exploits 15, References 21, Affected Software 1
RedhatCVE
added 2021/03/02 12:32 p.m., 79 views

CVE-2021-25329

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the...

CVSS 7.5, AI score 7.4, EPSS 0.56636
Exploits 15, References 8
Veracode
added 2021/03/02 7:51 a.m., 49 views

Remote Code Execution (RCE)

tomcat9 is vulnerable to remote code execution (RCE). The vulnerability exists through the incomplete fix for CVE-2020-9484, with a configuration edge case that was highly unlikely to be used...

CVSS 7, AI score 2.4, EPSS 0.56636
Exploits 15, References 27, Affected Software 12
NVD
added 2021/03/01 12:15 p.m., 44 views

CVE-2021-25329

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the...

CVSS 7, EPSS 0.56636
Exploits 15, References 17
Debian CVE
added 2021/03/01 12:0 p.m., 52 views

CVE-2021-25329

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the...

CVSS 7, AI score 6.8, EPSS 0.09491
Exploits 15
Apache Tomcat
added 2021/02/02 12:0 a.m., 58 views

Fixed in Apache Tomcat 10.0.2

Note: The issues below were fixed in Apache Tomcat 10.0.1 but the release vote for the 10.0.1 release candidate did not pass. Therefore, although users must download 10.0.2 to obtain a version that includes a fix for these issues, version 10.0.1 is not included in the list of affected versions...

CVSS 7, AI score 7.2, EPSS 0.56636
Exploits 15, Affected Software 1