Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.10 views

TencentOS Server 3: tomcat (TSSA-2024:0045)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0045 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.1CVSS7.3AI score0.05972EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.11 views

TencentOS Server 4: tomcat (TSSA-2024:0243)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0243 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.3AI score0.99999EPSS
Exploits22References9
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2023-45648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81...

5.3CVSS6.7AI score0.05848EPSS
Exploits2References3
OSV
OSV
added 2025/02/04 7:2 p.m.8 views

CLSA-2025-1738695770 tomcat: Fix of CVE-2023-45648

CVE-2023-45648: fix improper processing of trailer headers which could lead to the possibility of request smuggling when behind a reverse proxy...

5.3CVSS6.8AI score0.05848EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2024/05/24 12:0 a.m.41 views

Oracle Linux 9 : tomcat (ELSA-2024-3307)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3307 advisory. - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves: RHEL-31032 tomcat: : Apache...

7.5CVSS7.7AI score0.23072EPSS
Exploits1References3
Amazon
Amazon
added 2024/03/18 12:0 a.m.7 views

Important: tomcat

Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header...

5.3CVSS6.9AI score0.05848EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.44 views

Amazon Linux 2 : tomcat (ALASTOMCAT9-2024-012)

The version of tomcat installed on the remote host is prior to 9.0.83-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT9-2024-012 advisory. Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through...

7.5CVSS6.9AI score0.02651EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.43 views

Amazon Linux 2 : tomcat (ALAS-2024-2501)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2501 advisory. Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13...

5.3CVSS7.2AI score0.05848EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.29 views

openSUSE Security Advisory (SUSE-SU-2024:0472-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.05848EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2024/02/17 12:0 a.m.87 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2024:0472-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0472-1 advisory. Updated to Tomcat 9.0.85: - CVE-2023-45648: Improve trailer header parsing bsc1216118. - CVE-2023-42794: FileUpload:...

7.8CVSS6.8AI score0.05848EPSS
Exploits2References18
OpenVAS
OpenVAS
added 2024/02/15 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2024:0472-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.05848EPSS
Exploits2References11
RedHat Linux
RedHat Linux
added 2024/01/25 10:59 a.m.52 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.1CVSS6.8AI score0.05972EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.39 views

RHEL 9 : tomcat (RHSA-2024:0474)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0474 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect...

6.1CVSS7.4AI score0.05972EPSS
Exploits2References11
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/16 7:8 a.m.30 views

Security Bulletin: [All] Apache Tomcat (core only) - CVE-2023-45648 (Publicly disclosed vulnerability)

Summary Apache Tomcat is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially...

5.3CVSS6.3AI score0.05848EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.102 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.5)

The version of AOS installed on the remote host is prior to 6.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.5 advisory. - Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through...

7.5CVSS7.2AI score0.99999EPSS
Exploits21References5
RedHat Linux
RedHat Linux
added 2024/01/10 11:32 a.m.52 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.1CVSS6.8AI score0.05972EPSS
Exploits2References5
AlmaLinux
AlmaLinux
added 2024/01/10 12:0 a.m.80 views

Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 tomcat: improper...

6.1CVSS7.3AI score0.05972EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/04 7:11 a.m.42 views

Security Bulletin: IBM DevOps Build 7.0.0 addresses multiple vulnerabilities.

Summary IBM DevOps Build 7.0.0 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2023-45648 DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially crafted invalid trailer header, an attacker...

5.9CVSS7.3AI score0.05848EPSS
Exploits2Affected Software1
Hacker One
Hacker One
added 2023/12/30 10:58 a.m.67 views

Internet Bug Bounty: Request Smuggling in Apache Tomcat (Important, CVE-2023-45648)

A vulnerability in Apache Tomcat versions 11.0.0-M1 to 11.0.0-M11, 10.1.0-M1 to 10.1.13, 9.0.0-M1 to 9.0.80, and 8.5.0 to 8.5.93 allowed HTTP request smuggling due to improper parsing of trailer headers. This could be exploited by a remote attacker to bypass security controls when Tomcat was...

5.3CVSS6.3AI score0.05848EPSS
Exploits2
F5 Networks
F5 Networks
added 2023/12/19 5:43 p.m.44 views

K000137965: Apache Tomcat vulnerability CVE-2023-45648

Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid...

5.3CVSS7.8AI score0.05848EPSS
Exploits2Affected Software1
Rows per page
Query Builder