SUSE-SU-2026:0932-1 Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.115: - CVE-2025-66614: client certificate verification bypass due to virtual host mapping bsc1258371. - CVE-2026-24733: improper input validation on HTTP/0.9 requests bsc1258385. - CVE-2026-24734: certificate revocation bypas...

Apache Tomcat 输入验证错误漏洞

Apache Tomcat is a lightweight Web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Versions of Apache Tomcat 11.0.14 and earlier, 10.1.49 and earlier, as well as 9.0.112 and earlier, have a vulnerability related...

UBUNTU-CVE-2016-4651

Cross-site scripting XSS vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting XPXSS" vulnerability...

Apache HTTP Server mod_proxy Reverse Proxy HTTP 0.9 Information Disclosure

The version of Apache HTTP Server running on the remote host has an information disclosure vulnerability. When configured as a reverse proxy, improper use of the RewriteRule and ProxyPassMatch directives could cause the web server to proxy requests to arbitrary hosts. This could allow a remote...