Lucene search
K

6 matches found

OSV
OSV
added 2026/06/29 9:45 a.m.2 views

SUSE-SU-2026:2675-1 Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165. -...

9.8CVSS5.9AI score0.01339EPSS
Exploits2References15
Rosalinux
Rosalinux
added 2026/03/22 6:25 p.m.5 views

Advisory ROSA-SA-2026-3215

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-15 affected versions tomcat-9.0.37-15 CVE-ID: CVE-2025-55752 BDU-ID: 2025-13742 CVE-Crit: HIGH CVE-DESC.: An Apache Tomcat application server vulnerability involves relative path traversal. Exploitation of the...

7.5CVSS7.2AI score0.66535EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.8 views

MiracleLinux 8 : tomcat-9.0.87-1.el8_10.4 (AXSA:2025-10519:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10519:03 advisory. tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP...

9.8CVSS7.6AI score0.66933EPSS
Exploits18References3
OSV
OSV
added 2025/11/07 12:0 a.m.8 views

OPENSUSE-SU-2025:15716-1 tomcat-9.0.111-1.1 on GA media

These are all security issues fixed in the tomcat-9.0.111-1.1 package on the GA media of openSUSE Tumbleweed...

9.6CVSS7.3AI score0.66535EPSS
Exploits4References3
Rosalinux
Rosalinux
added 2025/10/14 2:33 p.m.5 views

Advisory ROSA-SA-2025-3033

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-14 affected versions tomcat-9.0.37-14 CVE-ID: CVE-2025-48989 BDU-ID: 2025-09899 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP2 handler of the Apache Tomcat application server is related to incorrect resource...

7.5CVSS6.8AI score0.03389EPSS
Exploits0
OSV
OSV
added 2017/08/10 12:0 a.m.4 views

UBUNTU-CVE-2017-7674

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances...

4.3CVSS6.7AI score0.08037EPSS
Exploits0References4
Rows per page
Query Builder