Lucene search
K

28 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 9:22 a.m.19 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.6CVSS7AI score0.09917EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/30 8:15 p.m.17 views

Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1. Vulnerability Details CVEID:CVE-2025-46701 DESCRIPTION: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that...

9.8CVSS8.2AI score0.64718EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/26 5:53 p.m.12 views

Security Bulletin: IBM Watson Discovery Catridge affected by vulnerability in tomcat-embed-core-10.1.35.jar

Summary IBM Watson Discovery Catridge contains a vulnerable version of tomcat-embed-core-10.1.35.jar Vulnerability Details CVEID:CVE-2025-46701 DESCRIPTION: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints...

7.3CVSS8AI score0.02736EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.12 views

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.24 / 10.3.x < 10.3.7 / 10.6.x < 10.7.0 (JSDSERVER-16311)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16311 advisory. - Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security...

7.3CVSS8.3AI score0.02736EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/07/22 12:0 a.m.11 views

Debian: Security Advisory (DLA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.66933EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2025/07/15 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2025:02280-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.54877EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2025/07/11 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2025:02261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.54877EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2025/07/11 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2025:02261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.54877EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.9 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2025:02280-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02280-1 advisory. - CVE-2025-46701: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. - CVE-2025-48988: Fixe...

7.5CVSS7.1AI score0.54877EPSS
Exploits2References11
SUSE Linux
SUSE Linux
added 2025/07/10 4:5 p.m.7 views

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2025-46701: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656...

9.1CVSS7.8AI score0.54877EPSS
Exploits2References14
OpenVAS
OpenVAS
added 2025/07/07 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2025:02214-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.54877EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2025/07/04 12:0 a.m.9 views

SUSE SLES12: tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (SUSE-SU-2025:02214-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02214-1 advisory. - CVE-2025-46701: Refactored CGI servlet to access resources via WebResources bsc1243815. - CVE-2025-48988: Limited the total number of parts ...

7.5CVSS7.1AI score0.54877EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2025/07/02 12:0 a.m.8 views

Photon OS 4.0: Apache PHSA-2025-4.0-0823

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0823. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.4CVSS8AI score0.54877EPSS
Exploits2References5
Amazon
Amazon
added 2025/06/23 12:0 a.m.9 views

Medium: tomcat9

Issue Overview: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, fr...

7.3CVSS9.8AI score0.02736EPSS
Exploits1
Amazon
Amazon
added 2025/06/23 12:0 a.m.9 views

Medium: tomcat10

Issue Overview: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, fr...

7.3CVSS9.8AI score0.02736EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.13 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2025-1030)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1030 advisory. Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the...

7.3CVSS8.3AI score0.02736EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.11 views

Amazon Linux 2 : tomcat (ALASTOMCAT9-2025-019)

The version of tomcat installed on the remote host is prior to 9.0.105-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT9-2025-019 advisory. Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of...

7.3CVSS8.4AI score0.02736EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.11 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-1031)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1031 advisory. Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the...

7.3CVSS8.3AI score0.02736EPSS
Exploits1References4
OSV
OSV
added 2025/06/13 2:21 p.m.5 views

OESA-2025-1641 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: A vulnerability was found in...

7.3CVSS6.8AI score0.02736EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/06/12 12:0 a.m.10 views

Mageia: Security Advisory (MGASA-2025-0177)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.5AI score0.02736EPSS
Exploits1References4
Rows per page
Query Builder