13 matches found
RLSA-2026:36790 Important: tomcat9 security, bug fix, and enhancement update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
Important: Red Hat Security Advisory: tomcat security update
An update for tomcat is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Exploit for Missing Encryption of Sensitive Data in Apache Tomcat
CVE-2026-34486 EncryptInterceptor fail-open bypass in Apache...
Security update for tomcat10
This update for tomcat10 fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...
Security update for tomcat
This update for tomcat fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...
SUSE-SU-2026:1572-1 Security update for tomcat
This update for tomcat fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...
Security update for tomcat10 (important)
openSUSE security update: security update for tomcat10 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20612-1 Rating: important References: bsc1258371 bsc1261850 bsc1261851 bsc1261852 bsc1261853 bsc1261854 bsc1261855 bsc1261856 bsc1261857...
OPENSUSE-SU-2026:20595-1 Security update for tomcat11
This update for tomcat11 fixes the following issues: - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...
Apache Tomcat 11.0.0.M14 < 11.0.21 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 11.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat11.0.21security-11 advisory. - Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clusteri...
tomcat11-11.0.21-1.1 on GA media (moderate)
tomcat11-11.0.21-1.1 on GA media Announcement ID: openSUSE-SU-2026:10549-1 Rating: moderate Cross-References: CVE-2026-24880 CVE-2026-25854 CVE-2026-29129 CVE-2026-29145 CVE-2026-29146 CVE-2026-32990 CVE-2026-34483 CVE-2026-34486 CVE-2026-34487 CVE-2026-34500 CVSS scores: CVE-2026-24880 SUSE : 4....
CVE-2026-34486
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...
CVE-2026-34486
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...
CVE-2026-34486
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...