Lucene search

5 matches found

RedHat Linux
added 2024/05/23 10:45 p.m. | 16 views

tomcat: Leaking of unrelated request bodies in default error page

An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or...

5.3 CVSS | 7.3 AI score | 0.14286 EPSS
Exploits 3 | References 6

RedHat Linux
added 2024/05/06 2:10 p.m. | 3 views

tomcat: Leaking of unrelated request bodies in default error page

An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or...

5.3 CVSS | 7.3 AI score | 0.14286 EPSS
Exploits 3 | References 6

RedhatCVE
added 2024/01/19 3:37 p.m. | 121 views

CVE-2024-21733

An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or...

5.3 CVSS | 5 AI score | 0.14286 EPSS
Exploits 3 | References 5

OpenVAS
added 2024/01/19 12:0 a.m. | 32 views

Apache Tomcat Information Disclosure Vulnerability (Jan 2024) - Linux

Apache Tomcat is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"...

5.3 CVSS | 5.5 AI score | 0.14286 EPSS
Exploits 3 | References 3

Apache Tomcat
added 2021/03/10 12:0 a.m. | 73 views

Fixed in Apache Tomcat 9.0.44

Important: Denial of Service CVE-2021-41079 When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service. This was fixed with commit d4b340fa. This issue was first reported to the Apach...

7.5 CVSS | 6.3 AI score | 0.14286 EPSS
Exploits 3 | Affected Software 1