Lucene search
K

8 matches found

OSV
OSV
added 2024/07/23 2:3 p.m.7 views

USN-6908-1 tomcat vulnerabilities

It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore...

7CVSS7AI score0.56636EPSS
Exploits18References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.9 views

SUSE CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the contents and name of a file on the server; and b the server is configured to use the PersistenceManager with a FileStore; and c the...

7.5CVSS8.1AI score0.56636EPSS
Exploits15References14
BDU FSTEC
BDU FSTEC
added 2020/07/31 12:0 a.m.6 views

The vulnerability of the PersistenceManager component in the Apache Tomcat application server allows a hacker to execute arbitrary code.

The vulnerability of the PersistenceManager component in the Apache Tomcat application server is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created request...

7CVSS7.3AI score0.56636EPSS
Exploits15References23Affected Software15
NCSC
NCSC
added 2020/05/22 12:0 a.m.9 views

Vulnerability fixed in Apache Tomcat

The developers of Apache Tomcat have fixed a vulnerability fixed that could potentially allow a remote malicious person to execute arbitrary code under the application's permissions. This is possible if: the malicious party has control of a file on the server; PersistenceManager is used in...

7CVSS9.3AI score0.56636EPSS
Exploits15
OSV
OSV
added 2020/05/21 6:52 p.m.1 views

GHSA-344F-F5VG-2JFJ Potential remote code execution in Apache Tomcat

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the contents and name of a file on the server; and b the server is configured to use the PersistenceManager with a FileStore; and c the...

7CVSS7.3AI score0.56636EPSS
Exploits15References55
OSV
OSV
added 2020/05/21 2:55 p.m.8 views

SUSE-SU-2020:1363-1 Security update for tomcat

This update for tomcat fixes the following issues: - Update to Tomcat 9.0.35. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.htmlTomcat9.0.35markt CVE-2020-9484 bsc1171928 Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the conten...

7CVSS7.9AI score0.56636EPSS
Exploits15References3
OSV
OSV
added 2020/05/20 7:15 p.m.7 views

DEBIAN-CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the contents and name of a file on the server; and b the server is configured to use the PersistenceManager with a FileStore; and c the...

7CVSS7.8AI score0.56636EPSS
Exploits15References1
OSV
OSV
added 2020/05/20 7:15 p.m.1 views

UBUNTU-CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the contents and name of a file on the server; and b the server is configured to use the PersistenceManager with a FileStore; and c the...

7CVSS7.3AI score0.56636EPSS
Exploits15References13
Rows per page
Query Builder