14 matches found
Apache Tomcat 8.0.0.RC1 < 8.0.44
The version of Tomcat installed on the remote host is prior to 8.0.44. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.0.44security-8 advisory. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error pag...
Apache Tomcat 7.0.0 < 7.0.78
The version of Tomcat installed on the remote host is prior to 7.0.78. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.78security-7 advisory. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error pag...
GHSA-JMVV-524F-HJ5J Improper Handling of Exceptional Conditions in Apache Tomcat
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...
Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1419)
The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76,...
Apache Tomcat 7.0.x < 7.0.78 Remote Error Page Manipulation
According to its self-reported version number, the Apache Tomcat service running on the remote host is 7.0.x prior to 7.0.78 or 8.5.x prior to 8.5.15. It is, therefore, affected by an implementation flaw in the error page reporting mechanism in which it does not conform to the Java Servlet...
Apache Tomcat 8.5.x < 8.5.15 Remote Error Page Manipulation
According to its self-reported version number, the Apache Tomcat service running on the remote host is 7.0.x prior to 7.0.78 or 8.5.x prior to 8.5.15. It is, therefore, affected by an implementation flaw in the error page reporting mechanism in which it does not conform to the Java Servlet...
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...
Design/Logic Flaw
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...
CVE-2017-5664
CVE-2017-5664 affects Apache Tomcat and concerns the error page mechanism. The DefaultServlet failed to forward error pages with the original request method across multiple releases (Tomcat 9.0.0.M1–9.0.0.M20, 8.5.0–8.5.14, 8.0.0.RC1–8.0.43, 7.0.0–7.0.77), which could lead to unexpected results f...
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...
Fixed in Apache Tomcat 7.0.78
Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...
Fixed in Apache Tomcat 8.5.15
Important: Security Constraint Bypass CVE-2017-5664 The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the...