Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2022/05/14 1:17 a.m.33 views

GHSA-9737-QMGC-HFR9 Directory Traversal in Apache Tomcat

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...

5.3CVSS5AI score0.72859EPSS
Exploits1References33
Prion
Prionadded 2009/06/16 9:0 p.m.29 views

Directory traversal

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...

5CVSS6.5AI score0.72859EPSS
Exploits1References47Affected Software1
CVE
CVEadded 2009/06/16 8:26 p.m.124 views

CVE-2008-5515

The CVE-2008-5515 entry applies to Apache Tomcat 4.1.0–4.1.39, 5.5.0–5.5.27, and 6.0.0–6.0.18 (and possibly earlier) per the described vulnerability. Root cause: during RequestDispatcher usage, Tomcat normalizes the target pathname before filtering the query string, which can bypass access contro...

5CVSS4.8AI score0.72859EPSS
Exploits1References47Affected Software1
Rows per page
Query Builder