Lucene search
K

44 matches found

OSV
OSV
added 2026/05/18 1:35 p.m.21 views

CLEANSTART-2026-MR27796 Security fixes for CVE-2022-23181, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2025-31650, CVE-2025-31651 applied in versions: 10.1.53-r0, 9.0.58-r0, 9.0.63-r0, 9.0.64-r0, 9.0.68-r0, 9.0.70-r0, 9.0.71-r0, 9.0.73-r0, 9.0.80-r0

Multiple security vulnerabilities affect the tomcat10 package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS7.5AI score0.73139EPSS
Exploits27References19
Ubuntu
Ubuntu
added 2024/08/01 8:25 p.m.58 views

USN-6943-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS CVE-2020-9484 It was discovered that Tomcat...

7.5CVSS7.6AI score0.73139EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2024/08/01 12:0 a.m.30 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Tomcat vulnerabilities (USN-6943-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6943-1 advisory. It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. ...

7.5CVSS7.6AI score0.73139EPSS
Exploits20References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.49 views

RHEL 6 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: request mixup CVE-2022-25762 - When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 ...

8.5AI score0.73139EPSS
Exploits28References15
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.33 views

Amazon Linux 2 : tomcat (ALASTOMCAT9-2023-003)

The version of tomcat installed on the remote host is prior to 9.0.58-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT9-2023-003 advisory. The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8...

7CVSS7AI score0.56636EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.40 views

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-004)

The version of tomcat installed on the remote host is prior to 8.5.75-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-004 advisory. The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to...

7CVSS7AI score0.56636EPSS
Exploits15References4
Amazon
Amazon
added 2023/09/25 12:0 a.m.9 views

Important: tomcat

Issue Overview: The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomc...

7CVSS6.7AI score0.56636EPSS
Exploits15
Mageia
Mageia
added 2023/04/15 7:3 p.m.142 views

Updated tomcat packages fix security vulnerability

Information disclosure due to concurrency bug CVE-2021-43980 Fix for CVE-2020-9484 introduced a time of check, time of use vulnerability CVE-2022-23181 Correct documentation to warn of use over untrusted networks. CVE-2022-29885 Correct documentation showing use of XSS vulnerability. CVE-2022-343...

7.5CVSS6.7AI score0.73139EPSS
Exploits21References12
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.225 views

K28409053: Apache Tomcat vulnerability CVE-2022-23181

Security Advisory Description The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user...

7CVSS7.6AI score0.00692EPSS
Exploits15Affected Software1
RedHat Linux
RedHat Linux
added 2023/02/06 2:38 p.m.54 views

Moderate: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2.SP1 security update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7CVSS6.8AI score0.00692EPSS
Exploits15References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:49 p.m.40 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Process Mining (CVE-2022-23181)

Summary There is a vulnerability in Apache Tomcat that could allow an attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-23181...

7CVSS6.9AI score0.00692EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.26 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2022-23181)

Summary Vulnerabilities in Apache Tomcat affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2022-23181. Please see below for details on how to remdiate this issue. Vulnerability Details CVEID:CVE-2022-23181 DESCRIPTION: Apache Tomcat could allow a local authenticated...

7CVSS6.8AI score0.00692EPSS
Exploits15Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/02 10:40 a.m.47 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.0 release and security update

Red Hat JBoss Web Server 5.7.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...

7.5CVSS6.7AI score0.07024EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
added 2022/11/02 12:0 a.m.27 views

RHEL 7 / 8 / 9 : Red Hat JBoss Web Server 5.7.0 (RHSA-2022:7272)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7272 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

7CVSS7.1AI score0.01912EPSS
Exploits15References6
Tenable Nessus
Tenable Nessus
added 2022/10/30 12:0 a.m.58 views

Debian DSA-5265-1 : tomcat9 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5265 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the...

7.5CVSS7.3AI score0.73139EPSS
Exploits20References11
Debian
Debian
added 2022/10/29 9:59 p.m.70 views

[SECURITY] [DSA 5265-1] tomcat9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5265-1 [email protected] https://www.debian.org/security/ Markus Koschany October 29, 2022 https://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.73139EPSS
Exploits20
Debian
Debian
added 2022/10/26 12:16 p.m.81 views

[SECURITY] [DLA 3160-1] tomcat9 security update

Debian LTS Advisory DLA-3160-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 26, 2022 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.31-1deb10u7 CVE ID : CVE-2021-43980 CVE-2022-23181 CVE-2022-29885 Several security vulnerabilities have been...

7.5CVSS6.7AI score0.73139EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.41 views

Amazon Linux 2022 : tomcat, tomcat-admin-webapps, tomcat-el-3.0-api (ALAS2022-2022-044)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-044 advisory. The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a...

7CVSS7AI score0.56636EPSS
Exploits15References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/18 3:21 p.m.32 views

Security Bulletin: IBM UrbanCode Release is vulnerable to elevated privileges due to use of Apache Tomcat CVE-2022-23181

Summary Apache Tomcat is used by IBM UrbanCode Release. This fix includes Apache Tomcat 8.5.79. Vulnerability Details CVEID:CVE-2022-23181 DESCRIPTION: Apache Tomcat could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time of check, time of use flaw...

7CVSS6.8AI score0.00692EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/29 2:19 a.m.32 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tomcat

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Tomcat. Vulnerability Details CVEID: CVE-2022-23181 DESCRIPTION: Apache Tomcat could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time of check, time of u...

7CVSS1.4AI score0.00692EPSS
Exploits15Affected Software1
Rows per page
Query Builder