Lucene search
+L

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/12 8:44 p.m.4 views

tomcat-coyote: tomcat: Improper Authorization allows security bypass

In Apache Tomcat, when multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied. A remote attacker could exploit this to bypass intended security restrictions for information or actions within the application...

9.1CVSS7AI score0.01136EPSS
Exploits1References5
OSV
OSV
added 2026/05/12 6:30 p.m.7 views

GHSA-5M62-PW8W-7W9F Apache Tomcat - Security constraints not correctly applied

Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versions may also be affected Description: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the...

9.1CVSS5.8AI score0.01136EPSS
Exploits1References10
Github Security Blog
Github Security Blog
added 2026/05/12 6:30 p.m.16 views

Apache Tomcat - Security constraints not correctly applied

Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versions may also be affected Description: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the...

9.1CVSS5.8AI score0.01136EPSS
Exploits1References10Affected Software3
RedHat Linux
RedHat Linux
added 2026/05/05 1:37 p.m.2 views

tomcat-coyote: tomcat: Improper Authorization allows security bypass

In Apache Tomcat, when multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied. A remote attacker could exploit this to bypass intended security restrictions for information or actions within the application...

9.1CVSS7AI score0.01136EPSS
Exploits1References5
Rows per page
Query Builder