Lucene search
K

211 matches found

Chainguard
Chainguard
•added 2026/07/02 2:17 p.m.•11 views

GHSA-4J3C-42XV-3F84 vulnerabilities

Vulnerabilities for packages: tomcat...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
•added 2026/06/29 3:52 p.m.•4 views

Security Bulletin: Multiple Vulnerabilities in IBM DevOps Build.

Summary Multiple vulnerabilities were addressed in IBM DevOps Build 7.1.0.4. Vulnerability Details CVEID:CVE-2026-41284 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M...

9.8CVSS7.4AI score0.01339EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/06/25 6:37 p.m.•7 views

Security Bulletin: Vulnerabilities in Spring, Tomcat, Netty, Picomatch might affect IBM Storage Protect Plus

Summary IBM Storage Protect Plus can be affected by vulnerabilities in Spring, Tomcat, Netty, Picomatch . Vulnerabilities include stack-based buffer overflow, improper encoding or escaping of output, deserialization of untrusted data, improper restriction of operations within the bounds of a memo...

9.1CVSS7.3AI score0.0504EPSS
Exploits4Affected Software1
Ubuntu
Ubuntu
•added 2026/06/18 3:56 p.m.•19 views

USN-8450-1: Tomcat vulnerabilities

It was discovered that Tomcat did not properly limit the size of WebDAV LOCK and PROPFIND request bodies. A remote attacker could possibly use this issue to cause Tomcat to consume excessive memory, resulting in a denial of service. CVE-2026-41284 It was discovered that Tomcat incorrectly validat...

9.8CVSS8.1AI score0.01339EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/06/17 3:30 p.m.•13 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.18.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.18.jar Vulnerability Details CVEID:CVE-2026-29146 DESCRIPTION: Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1...

7.5CVSS5.4AI score0.0504EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/06/16 2:13 p.m.•6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), URL Redirection to Untrusted Site ('Open Redirect'), and 3 more (CVE-2026-24880, CVE-2026-25854, and 3 more)

Summary There are vulnerabilities in tomcat-embed-core-10.1.52.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-24880, CVE-2026-25854, CVE-2026-29145, CVE-2026-29146, CVE-2026-32990. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTIO...

9.1CVSS5.8AI score0.0504EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
•added 2026/06/08 12:0 a.m.•16 views

TencentOS Server 4: tomcat (TSSA-2026:0337)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0337 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.1CVSS7.2AI score0.01136EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•14 views

Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerabilities (USN-8383-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8383-1 advisory. It was discovered that Tomcat incorrectly handled digest authentication. A remote attacker could possibly use this issue to bypass...

9.8CVSS7.7AI score0.01233EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
•added 2026/06/03 10:39 a.m.•13 views

Security Bulletin: Vulnerabilities in tomcat affects IBM Netezza Appliance

Summary The tomcat package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-31651,CVE-2025-55752 Vulnerability Details CVEID:CVE-2025-31651 DESCRIPTION: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat...

9.8CVSS7.4AI score0.66535EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
•added 2026/05/27 12:0 a.m.•18 views

RHEL 10 / 8 / 9 : Red Hat JBoss Web Server 6.2.3 (RHSA-2026:20405)

The remote Redhat Enterprise Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20405 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised ...

9.1CVSS5.8AI score0.0504EPSS
Exploits3References17
RedHat Linux
RedHat Linux
•added 2026/05/26 12:59 p.m.•18 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.3 release and security update

Red Hat JBoss Web Server 6.2.3 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...

9.1CVSS7AI score0.0504EPSS
Exploits3References9
RedHat Linux
RedHat Linux
•added 2026/05/26 12:55 p.m.•19 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.3 release and security update

Red Hat JBoss Web Server 6.2.3 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

9.1CVSS7AI score0.0504EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
•added 2026/05/20 12:0 a.m.•19 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2026-1672)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1672 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1...

9.1CVSS6AI score0.0504EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
•added 2026/05/20 12:0 a.m.•13 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2026-1673)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1673 advisory. Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1...

9.1CVSS6AI score0.0504EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
•added 2026/05/19 12:0 a.m.•10 views

RHEL 10 : tomcat (RHSA-2026:18537)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18537 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat:...

9.6CVSS6AI score0.09917EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
•added 2026/05/19 12:0 a.m.•22 views

RHEL 9 : tomcat (RHSA-2026:18916)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18916 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat:...

9.6CVSS7.1AI score0.09917EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
•added 2026/05/15 3:9 p.m.•16 views

Security Bulletin: Common Vulnerabilities Addressed in Cloudera Data Platform Private Cloud Base with IBM 7.3.1

Summary Security Bulletin: Common Vulnerabilities Addressed in Cloudera Data Platform Private Cloud Base with IBM 7.3.1 Vulnerability Details CVEID:CVE-2024-50379 DESCRIPTION: Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on...

9.8CVSS7.2AI score0.66933EPSS
Exploits18Affected Software1
Tenable Nessus
Tenable Nessus
•added 2026/05/12 12:0 a.m.•111 views

Apache Tomcat 9.0.0.M1 < 9.0.118 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.118. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.118security-9 advisory. - DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. Th...

9.8CVSS6.6AI score0.01339EPSS
Exploits2References18
Kaspersky
Kaspersky
•added 2026/05/10 12:0 a.m.•20 views

KLA91043 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security vulnerability can be exploited to bypass security...

9.8CVSS6.1AI score0.01339EPSS
Exploits2References3
IBM Security Bulletins
IBM Security Bulletins
•added 2026/05/04 4:20 p.m.•11 views

Security Bulletin: Vulnerabilities in Apache Tomcat might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat. Vulnerabilities include Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token and...

7.5CVSS5.8AI score0.00469EPSS
Exploits0Affected Software1
Rows per page
Query Builder