4 matches found
tomcat-coyote: tomcat: Improper Authorization allows security bypass
In Apache Tomcat, when multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied. A remote attacker could exploit this to bypass intended security restrictions for information or actions within the application...
GHSA-5M62-PW8W-7W9F Apache Tomcat - Security constraints not correctly applied
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versions may also be affected Description: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the...
Apache Tomcat - Security constraints not correctly applied
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versions may also be affected Description: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the...
tomcat-coyote: tomcat: Improper Authorization allows security bypass
In Apache Tomcat, when multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied. A remote attacker could exploit this to bypass intended security restrictions for information or actions within the application...