Apache Tomcat 7.0.0 < 7.0.75

The version of Tomcat installed on the remote host is prior to 7.0.75. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.75security-7 advisory. - A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to...

Apache Tomcat 8.0.0.RC1 < 8.0.41

The version of Tomcat installed on the remote host is prior to 8.0.41. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.0.41security-8 advisory. - A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to...

K82455382: Apache Tomcat vulnerability CVE-2016-8745

Security Advisory Description A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache...

Mageia: Security Advisory (MGASA-2017-0050)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contain security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...

SUSE: Security Advisory (SUSE-SU-2017:1229-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1382-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1660-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight

Summary Jazz Reporting Service is shipped as a component of Rational Insight. Information about security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-8745 DESCRIPTION: Apache Tomcat could allow a remote attacker ...

Security Bulletin: Security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-8745 DESCRIPTION: Apache...

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Core (CVE-2016-8745)

Summary IBM Algo One - Core was potentially vulnerable to a remote attacker's attempt to obtain sensitive information Advisory 7416. Vulnerability Details CVEID: CVE-2016-8745 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the improper handling...

Security Bulletin: Apache Tomcat vulnerability affects IBM Algo One - Counterparty Credit Risk (CVE-2016-8745)

Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat is refactored. An attacker could exploit this vulnerability to obtain the session ID and the...

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2016-8745)

Summary IBM Algo One - Algo Risk Application could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat is refactored. An attacker could exploit this vulnerability to obtain the...

Apache Tomcat NIO HTTP connector Information Disclosure Vulnerability - Windows

Apache Tomcat is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"...

CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

CVE-2016-8745

CVE-2016-8745 describes a bug in Tomcat’s NIO HTTP connector error handling that could allow information leakage between requests. A Processor object could be added to the Processor cache multiple times, enabling the same Processor to service concurrent requests and potentially expose session IDs...

Virtuozzo 7 : tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (VZLSA-2017-0935)

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Virtuozzo 6 : tomcat6 / tomcat6-admin-webapps / etc (VZLSA-2017-0527)

An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

SUSE-SU-2017:1382-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure bsc1033448 - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure bsc1033447 - CVE-2016-8745 shared Processor on Connector code could...

openSUSE Security Update : tomcat (openSUSE-2017-586)

This update for tomcat fixes the following issues : - CVE-2017-5647 Pipelined requests could lead to information disclosure bsc1033448 - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure bsc1033447 - CVE-2016-8745 shared Processor on Connector code could...