Lucene search
K

47 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.30 views

Apache Tomcat 9.0.0.M1 < 9.0.0.M15

The version of Tomcat installed on the remote host is prior to 9.0.0.M15. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.0.m15security-9 advisory. - A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to...

7.5CVSS7.7AI score0.16038EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.37 views

Apache Tomcat 7.0.0 < 7.0.75

The version of Tomcat installed on the remote host is prior to 7.0.75. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.75security-7 advisory. - A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to...

7.5CVSS7.6AI score0.16038EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.52 views

Apache Tomcat 8.0.0.RC1 < 8.0.41

The version of Tomcat installed on the remote host is prior to 8.0.41. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.0.41security-8 advisory. - A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to...

7.5CVSS7.6AI score0.16038EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/14 2:56 a.m.31 views

Apache Tomcat does not enforce the maxHttpHeaderSize limit

Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service OutOfMemoryError via a crafted request...

5CVSS7.1AI score0.07885EPSS
Exploits0References19Affected Software1
OSV
OSV
added 2022/05/14 2:56 a.m.29 views

GHSA-43V2-6GRP-9PP9 Apache Tomcat does not enforce the maxHttpHeaderSize limit

Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service OutOfMemoryError via a crafted request...

7.5CVSS5.1AI score0.07885EPSS
Exploits0References19
Github Security Blog
Github Security Blog
added 2022/05/14 1:10 a.m.35 views

Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

7.5CVSS7.6AI score0.16038EPSS
Exploits0References53Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.36 views

Mageia: Security Advisory (MGASA-2017-0050)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.16038EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.17 views

Apache Tomcat 7.0.x < 7.0.75 NIO HTTP Connector Information Disclosure

Binary data 700671.pasl...

7.5CVSS8.7AI score0.16038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.13 views

Apache Tomcat 6.0.x < 6.0.50 NIO HTTP Connector Information Disclosure

Binary data 700669.pasl...

7.5CVSS8AI score0.16038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.11 views

Apache Tomcat 8.0.x < 8.0.41 NIO HTTP Connector Information Disclosure

Binary data 700683.pasl...

7.5CVSS8.7AI score0.16038EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:49 p.m.44 views

Security Bulletin: Apache Tomcat vulnerability affects IBM Algo One - Counterparty Credit Risk (CVE-2016-8745)

Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat is refactored. An attacker could exploit this vulnerability to obtain the session ID and the...

7.5CVSS0.4AI score0.16038EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:49 p.m.35 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2016-8745)

Summary IBM Algo One - Algo Risk Application could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat is refactored. An attacker could exploit this vulnerability to obtain the...

7.5CVSS0.1AI score0.16038EPSS
Exploits0Affected Software1
NVD
NVD
added 2017/08/10 10:29 p.m.32 views

CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

7.5CVSS7.5AI score0.16038EPSS
Exploits0References30
Vulnrichment
Vulnrichment
added 2017/08/10 10:0 p.m.24 views

CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

6.7AI score0.16038EPSS
Exploits0References30
Debian CVE
Debian CVE
added 2017/08/10 10:0 p.m.38 views

CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

7.5CVSS7.9AI score0.16038EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/05/03 12:0 a.m.51 views

EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2017-1082)

According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a...

7.5CVSS7AI score0.39633EPSS
Exploits6References3
Cent OS
Cent OS
added 2017/04/13 11:0 a.m.104 views

tomcat security update

CentOS Errata and Security Advisory CESA-2017:0935 An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7AI score0.39633EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.68 views

RHEL 7 : tomcat (RHSA-2017:0935)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0935 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: It was discovered that the...

7.5CVSS7.1AI score0.39633EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.286 views

Scientific Linux Security Update : tomcat on SL7.x (noarch) (20170412)

Security Fixes : - It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By...

7.5CVSS7AI score0.39633EPSS
Exploits6References3
RedHat Linux
RedHat Linux
added 2017/04/12 3:2 p.m.101 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7AI score0.39633EPSS
Exploits6References3
Rows per page
Query Builder