Lucene search
+L

6 matches found

Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.9 views

tomcat security update

1:9.0.117-1 - Resolves: RHEL-150714 Certificate revocation bypass due to improper OCSP response validation - Resolves: Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled CVE-2026-34500 - Resolves: Tomcat: Cloud membership for clustering component exposed the Kubernet...

9.6CVSS7.2AI score0.21691EPSS
Exploits9
OSV
OSV
added 2026/04/24 11:47 a.m.5 views

SUSE-SU-2026:1603-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...

9.1CVSS5.4AI score0.21691EPSS
Exploits8References21
OSV
OSV
added 2026/04/22 11:7 a.m.6 views

SUSE-SU-2026:21378-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...

9.1CVSS7.4AI score0.21691EPSS
Exploits8References21
OSV
OSV
added 2026/04/21 11:42 a.m.6 views

SUSE-SU-2026:21366-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...

9.1CVSS7.4AI score0.21691EPSS
Exploits8References21
CVE
CVE
added 2026/04/09 7:30 p.m.50 views

CVE-2026-34483

CVE-2026-34483 is an Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. Affected versions: Tomcat 11.0.0-M1 through 11.0.20, 10.1.0-M1 through 10.1.53, and 9.0.40 through 9.0.116. Exploitation concerns are not detailed in the provided docum...

7.5CVSS5.8AI score0.00461EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 7:30 p.m.3 views

CVE-2026-34483 Apache Tomcat: Incomplete escaping of JSON access logs

Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 o...

5.8AI score0.00461EPSS
Exploits0References1
Rows per page
Query Builder