Debian: Security Advisory (DLA-435-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2016-1054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details Consult the security bulletin...

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE-2015-5174)

Summary Jazz Reporting Service is shipped as a component of Rational Insight. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin: Multiple security...

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE-2015-5174)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details Consult the security bulletin Security Bulletin:...

Security Bulletin: Vulnerability OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application - CVE-2015-5345 CVE-2015-5346 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763

Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory that affects IBM Algorithmics Algo Risk...

Security Manager Bypass

web-naming is vulnerable to denial of service via security manager bypass. The ResourceLinkFactory.setGlobalContext method was accessibly under a security manager without any checks. This allowed a malicious web application to injection a global context that could be used to disrupt other web...

CentOS 7 : tomcat (CESA-2016:2599)

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.2 security update for Tomcat 7

An update is now available for Red Hat JBoss Web Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

[SECURITY] [DSA 3609-1] tomcat8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3609-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 29, 2016 https://www.debian.org/security/faq -...

RHEL 6 : JBoss Web Server (RHSA-2016:1087)

Red Hat JBoss Web Server 3.0.3 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Debian DSA-3552-1 : tomcat7 - security update

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...

[SECURITY] [DSA 3552-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3552-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2016 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3552-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2016-680)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: tomcat8

Issue Overview: ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt...

Fedora 22 : tomcat-7.0.68-3.fc22 (2016-e6651efbaf)

Revert sysconfig migration changes, resolves: rhbz1311771, rhbz1311905 - Add /etc/tomcat/conf.d/ with shell expansion support, resolves rhbz1293636 ---- - Load sysconfig from tomcat.conf, resolves: rhbz1311771, rhbz1311905 - Set default javax.sql.DataSource factory to apache commons one, resolves...

Debian DSA-3530-1 : tomcat6 - security update

Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

openSUSE Security Update : tomcat (openSUSE-2016-384)

This update for tomcat fixes the following issues : Tomcat 8 was updated from 8.0.23 to 8.0.32, to fix bugs and security issues. Fixed security issues : - CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended...

SOL51025324 - Apache Tomcat 7.x vulnerabilities CVE-2015-5346, CVE-2015-5351, and CVE-2016-0763

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...