27 matches found
Security Bulletin: Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2015-5174, others)
Summary The Jazz Team Server is shipped with or supports versions of the Apache Tomcat web server which contain security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational Requirements...
SUSE: Security Advisory (SUSE-SU-2016:0769-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: WebSphere Message Broker and IBM Integration Bus are affected by Open Source Tomcat vulnerability (CVE-2015-5346 )
Summary WebSphere Message Broker and IBM Integration Bus are affected by Open Source Apache Tomcat vulnerability. Vulnerability Details CVEID: CVE-2015-5346 DESCRIPTION: Apache Tomcat could allow a remote attacker to hijack a valid user's session, caused by the failure to recycle the...
Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE
Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details Consult the security bulletin...
Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE-2015-5174)
Summary Jazz Reporting Service is shipped as a component of Rational Insight. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin: Multiple security...
Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE-2015-5174)
Summary Jazz Team Server is shipped as a component of Jazz Reporting Service. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin:...
Security Bulletin: Vulnerability OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application - CVE-2015-5345 CVE-2015-5346 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763
Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory that affects IBM Algorithmics Algo Risk...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.2 security update for Tomcat 7
An update is now available for Red Hat JBoss Web Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...
tomcat security, bug fix, and enhancement update
0:7.0.69-10 - Related: rhbz1368122 0:7.0.69-9 - Resolves: rhbz1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368122 0:7.0.69-7 - Resolves: rhbz1362545 0:7.0.69-6 - Related: rhbz1201409 Added /etc/sysconfig/tomcat to the systemd unit fo...
RHEL 7 : tomcat (RHSA-2016:2046)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2046 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: It was discovered that the...
RedHat Update for tomcat RHSA-2016:2046-01
The remote host is missing an update for the Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
tomcat security update
0:7.0.54-8 - Resolves: rhbz1368121 0:7.0.54-7 - Resolves: rhbz1362212 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368121 0:7.0.54-5 - Resolves: rhbz1362567 0:7.0.54-4 - Resolves: CVE-2015-5346 0:7.0.54-3 - Resolves: CVE-2014-7810...
[SECURITY] [DSA 3609-1] tomcat8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3609-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 29, 2016 https://www.debian.org/security/faq -...
RHEL 6 : JBoss Web Server (RHSA-2016:1087)
Red Hat JBoss Web Server 3.0.3 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Debian DSA-3552-1 : tomcat7 - security update
Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...
[SECURITY] [DSA 3552-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3552-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2016 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3552-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: tomcat8
Issue Overview: ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt...
Debian DSA-3530-1 : tomcat6 - security update
Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : tomcat (openSUSE-2016-384)
This update for tomcat fixes the following issues : Tomcat 8 was updated from 8.0.23 to 8.0.32, to fix bugs and security issues. Fixed security issues : - CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended...