Lucene search
K

33 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.58 views

Apache Tomcat 7.0.0 < 7.0.100 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.100. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.100security-7 advisory. - When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to...

9.8CVSS8.6AI score0.9927EPSS
Exploits45References10
F5 Networks
F5 Networks
added 2023/02/21 6:55 p.m.200 views

K66289873: Apache Tomcat vulnerability CVE-2019-17569

Security Advisory Description The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request...

5.8CVSS7.5AI score0.08872EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.75 views

Mageia: Security Advisory (MGASA-2020-0138)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.9927EPSS
Exploits45References7
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.45 views

SUSE: Security Advisory (SUSE-SU-2020:0631-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.9927EPSS
Exploits45References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2020:1498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.56636EPSS
Exploits18References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.43 views

SUSE: Security Advisory (SUSE-SU-2020:0598-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.9927EPSS
Exploits45References8
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 9:16 p.m.52 views

Security Bulletin: [All] Apache Tomcat (core only) (Publicly disclosed vulnerability) CVE-2020-1935, CVE-2019-17569

Summary In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a...

5.8CVSS0.09386EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/26 12:28 p.m.28 views

Security Bulletin: IBM Integration Bus affected by multiple Apache Tomcat vulnerabilities.

Summary IBM Integration Bus ships Apache Tomcat which is susceptible to vulnerabilities which were reported and have been addressed. Vulnerability Details CVEID: CVE-2020-1935 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual...

5.8CVSS0.3AI score0.09386EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/05/07 12:0 a.m.58 views

Debian DSA-4673-1 : tomcat8 - security update

Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling and code execution in the AJP connector disabled by default in Debian. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.8CVSS7.6AI score0.9927EPSS
Exploits45References6
Debian
Debian
added 2020/05/06 8:58 p.m.117 views

[SECURITY] [DSA 4680-1] tomcat9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4680-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq -...

9.8CVSS8.4AI score0.9927EPSS
Exploits45
OpenVAS
OpenVAS
added 2020/05/05 12:0 a.m.84 views

Debian: Security Advisory (DSA-4673-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.9927EPSS
Exploits45References6
Debian
Debian
added 2020/05/03 6:29 p.m.101 views

[SECURITY] [DSA 4673-1] tomcat8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4673-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 03, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.4AI score0.9927EPSS
Exploits45
Atlassian
Atlassian
added 2020/04/30 9:4 a.m.121 views

The version of Apache Tomcat included with Jira Server is affected by CVE-2020-1935, CVE-2020-1938, CVE-2019-17569

h3. Issue Summary The recently disclosed vulnerabilities regarding Apache Tomcat CVE-2020-1935|https://vulners.com/cve/CVE-2020-1935 CVE-2019-17569|https://vulners.com/cve/CVE-2019-17569 CVE-2020-1938|https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2020-1938 Which affects the following...

9.8CVSS8.3AI score0.9927EPSS
Exploits45Affected Software1
RedHat Linux
RedHat Linux
added 2020/04/21 11:7 a.m.96 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.3 release

Updated Red Hat JBoss Web Server 5.3.0 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

9.8CVSS7AI score0.9927EPSS
Exploits45References10
RedHat Linux
RedHat Linux
added 2020/04/21 10:55 a.m.153 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.3 release

Red Hat JBoss Web Server 5.3.0 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7AI score0.9927EPSS
Exploits45References6
Tenable Nessus
Tenable Nessus
added 2020/04/21 12:0 a.m.66 views

RHEL 6 / 7 / 8 : Red Hat JBoss Web Server 5.3 (Important) (RHSA-2020:1520)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1520 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

9.8CVSS7.7AI score0.9927EPSS
Exploits45References16
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/06 3:58 a.m.81 views

Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM Platform Symphony

Summary This interim fix provides instructions on upgrading Apache Tomcat to v8.5.53 in IBM Platform Symphony 7.1 Fix Pack 1 in order to address security vulnerabilities CVE-2020-1938, CVE-2020-1935 and CVE-2019-17569 in Apache Tomcat. Vulnerability Details CVEID: CVE-2020-1938 DESCRIPTION: Apach...

9.8CVSS0.6AI score0.9927EPSS
Exploits45Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.71 views

openSUSE Security Update : tomcat (openSUSE-2020-345)

This update for tomcat to version 9.0.31 fixes the following issues : Security issues fixed : - CVE-2019-17569: Fixed a regression in the handling of Transfer-Encoding headers that would have allowed HTTP Request Smuggling bsc1164825. - CVE-2020-1935: Fixed an HTTP Request Smuggling issue...

9.8CVSS7.6AI score0.9927EPSS
Exploits45References6
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.67 views

Amazon Linux AMI : tomcat7 (ALAS-2020-1352)

The version of tomcat7 installed on the remote host is prior to 7.0.100-1.36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1352 advisory. In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach...

9.8CVSS8.6AI score0.9927EPSS
Exploits45References7
Mageia
Mageia
added 2020/03/10 7:4 p.m.265 views

Updated tomcat packages fix security vulnerabilities

The updated packages fix security vulnerabilities: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility ...

9.8CVSS8.9AI score0.9927EPSS
Exploits45References3
Rows per page
Query Builder