Lucene search
+L

40 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.53 views

Amazon Linux 2 : tomcat (ALASTOMCAT9-2024-011)

The version of tomcat installed on the remote host is prior to 9.0.50-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT9-2024-011 advisory. 2024-02-15: CVE-2021-33037 was added to this advisory. Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5...

5.3CVSS7.3AI score0.75353EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.22 views

Amazon Linux 2 : tomcat (ALASTOMCAT9-2023-007)

The version of tomcat installed on the remote host is prior to 9.0.50-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT9-2023-007 advisory. Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding...

5.3CVSS7.3AI score0.75353EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.34 views

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-007)

The version of tomcat installed on the remote host is prior to 8.5.69-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT8.5-2023-007 advisory. A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid...

6.5CVSS7.4AI score0.75353EPSS
Exploits1References6
Amazon
Amazon
added 2023/09/25 12:0 a.m.6 views

Medium: tomcat

Issue Overview: Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly...

5.3CVSS7AI score0.75353EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.58 views

K32469285: Apache Tomcat vulnerability CVE-2021-33037

Security Advisory Description Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat...

5.3CVSS7.9AI score0.75353EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/07 4:30 p.m.27 views

Security Bulletin: IBM Rational Build Forge is affected by Apache Tomcat version used in it. (CVE-2021-33037)

Summary IBM Rational Build Forge is affected by CVE-2021-33037. Vulnerability Details CVEID: CVE-2021-33037 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTPS...

5.3CVSS0.4AI score0.75353EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/04/01 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-5360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.75353EPSS
Exploits17References3
Atlassian
Atlassian
added 2022/03/10 4:57 a.m.61 views

Tomcat versions bundled with the Crowd product are vulnerable to CVE-2021-33037

The different Tomcat versions 8.5.X bundled to the Atlassian Crowd product versions lower than Crowd 4.4.1 are vulnerable to CVE-2021-33037|https://vulners.com/cve/CVE-2021-33037 The Tomcat versions from 8.5.0 to 8.5.66 are affected by the mentioned...

5.3CVSS6AI score0.75353EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/09 4:28 p.m.25 views

Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-33037

Summary IBM UrbanCode Build is affected by CVE-2021-33037 Vulnerability Details CVEID: CVE-2021-33037 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a specially-crafted HTTPS transfer-encoding...

5.3CVSS5.6AI score0.75353EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2021-0485)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.75353EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/25 7:45 a.m.35 views

Security Bulletin: IBM UrbanCode Release is affected by CVE-2021-33037

Summary IBM UrbanCode Release version 6.2.2.7 - 6.2.5.4 are affected by CVE-2021-33037 Vulnerability Details CVEID: CVE-2021-33037 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header. By sending a...

5.3CVSS5.6AI score0.75353EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2021/11/30 2:28 p.m.107 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release

Updated Red Hat JBoss Web Server 5.6.0 packages are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS6.8AI score0.75353EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/11/30 2:25 p.m.70 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release

Red Hat JBoss Web Server 5.6.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...

7.5CVSS6.8AI score0.75353EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/11/23 12:0 a.m.23 views

openSUSE: Security Advisory for tomcat (openSUSE-SU-2021:1490-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.1AI score0.75353EPSS
Exploits1References2
OSV
OSV
added 2021/11/19 7:6 p.m.8 views

OPENSUSE-SU-2021:1490-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2021-30640: Escape parameters in JNDI Realm queries bsc1188279. - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients bsc1188278. - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet...

7.5CVSS6.3AI score0.75353EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2021/11/17 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2021:3670-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.75353EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/11/17 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2021:3672-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.75353EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.40 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2021:3670-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3670-1 advisory. - CVE-2021-30640: Escape parameters in JNDI Realm queries bsc1188279. - CVE-2021-33037: Process T-E header from both HTTP 1.0 and...

7.5CVSS6.8AI score0.75353EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.66 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2021:3672-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3672-1 advisory. - CVE-2021-30640: Escape parameters in JNDI Realm queries bsc1188279. - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1...

7.5CVSS6.8AI score0.75353EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.29 views

openSUSE 15 Security Update : tomcat (openSUSE-SU-2021:3672-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3672-1 advisory. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to...

7.5CVSS7.2AI score0.75353EPSS
Exploits1References10
Rows per page
Query Builder