13 matches found
Security Bulletin: Maximo AI Service uses cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl and tomcat-embed-core-10.1.54.jar which are vulnerable to CVE-2026-39892, CVE-2026-41293, CVE-2026-43512, CVE-2026-43513 and CVE-2026-43515.
Summary Maximo AI Service uses cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl and tomcat-embed-core-10.1.54.jar which are vulnerable to CVE-2026-39892, CVE-2026-41293, CVE-2026-43512, CVE-2026-43513 and CVE-2026-43515. This bulletin contains information regarding the vulnerability and its...
OPENSUSE-SU-2026:21117-1 Security update for tomcat
This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165. -...
OPENSUSE-SU-2026:21122-1 Security update for tomcat10
This update for tomcat10 fixes the following issues Update to Tomcat 10.1.55: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165....
SUSE SLES12 Security Update : tomcat (SUSE-SU-2026:2299-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2299-1 advisory. This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handli...
Security update for tomcat
This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...
TencentOS Server 4: tomcat (TSSA-2026:0337)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0337 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
tomcat10-10.1.55-1.1 on GA media (moderate)
tomcat10-10.1.55-1.1 on GA media Announcement ID: openSUSE-SU-2026:10926-1 Rating: moderate Cross-References: CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515 CVSS scores: CVE-2026-41284 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:...
tomcat11-11.0.22-1.1 on GA media (moderate)
tomcat11-11.0.22-1.1 on GA media Announcement ID: openSUSE-SU-2026:10927-1 Rating: moderate Cross-References: CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515 CVSS scores: CVE-2026-41284 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:...
CVE-2026-43515 vulnerabilities
Vulnerabilities for packages: kayenta-fips, camunda, nacos-docker, camunda-zeebe, thingsboard, kayenta, ontop, ontop-fips...
acegisecurity:acegi-security-catalina (>=0.7.0 <=0.9.0), ch.qos.logback:logback-access (>=${parent.version} <=0.8) +40 more potentially affected by CVE-2026-43515 via tomcat:catalina (>=4.0.6 <=5.5.9)
tomcat:catalina MAVEN version =4.0.6, =0.7.0, =$parent.version, =0.6, =3.2.10-1-SP3seam2hibernate5, =1.5, =1.0, =1.0, =1.0.0, =4.7.1, =4.7.2 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta -...
CVE-2026-43515
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...
CVE-2026-43515
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...
CVE-2026-43515 Apache Tomcat: Security constraints not correctly applied
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...