40 matches found
Astra Linux - уязвимость в tomcat9
Path Equivalence: The use of ‘file.Name’ an internal dot notation can lead to Remote Code Execution, information disclosure, or the addition of malicious content to uploaded files via the write-enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat versions from 11.0.0-M1...
MiracleLinux 8 : tomcat-9.0.87-1.el8_10.3 (AXSA:2025-9846:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9846:02 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption...
MiracleLinux 9 : tomcat-9.0.87-2.el9_5.1 (AXSA:2025-9840:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9840:01 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption...
RLSA-2025:7497 Moderate: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API CVE-2024-52316 tomcat: Apache Tomcat: DoS in examples web application CVE-2024-54677 tomcat: Potentia...
tomcat security update
An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Page...
tomcat9 security update
An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...
CLSA-2025-1755516017 tomcat6: Fix of CVE-2025-24813
CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...
tomcat6: Fix of CVE-2025-24813
CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...
CLSA-2025-1755513827 tomcat6: Fix of CVE-2025-24813
CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...
USN-7525-1: Tomcat vulnerability
It was discovered that Apache Tomcat incorrectly implemented partial PUT functionality by replacing path separators with dots in temporary files. A remote attacker could possibly use this issue to access sensitive files, inject malicious content, or execute remote code...
USN-7525-1 Tomcat vulnerability
It was discovered that Apache Tomcat incorrectly implemented partial PUT functionality by replacing path separators with dots in temporary files. A remote attacker could possibly use this issue to access sensitive files, inject malicious content, or execute remote code...
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 - Apache Tomcat Remote Code Execution Exploit...
Important: tomcat8
Issue Overview: Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from...
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...
ALSA-2025:3683 Moderate: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 For...
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...
Moderate: Red Hat Security Advisory: tomcat security update
An update for tomcat is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...