7 matches found
tomcat: Apache Tomcat: Security constraint bypass for CGI scripts
A flaw was found in the CGI servlet component of Apache Tomcat. This vulnerability allows a security constraint bypass via improper handling of case sensitivity in the pathInfo component of a URI mapped to the CGI servlet...
CVE-2025-46701
A flaw was found in the CGI servlet component of Apache Tomcat. This vulnerability allows a security constraint bypass via improper handling of case sensitivity in the pathInfo component of a URI mapped to the CGI servlet. Mitigation Mitigation is either unavailable or does not meet Red Hat Produ...
Huawei Multiple Product ENUM Module Buffer Overflow Vulnerability
DP300, RP200, TE30, etc. are network video communication devices from Huawei China. A buffer overflow vulnerability exists in the ENUM Electronic Numbers to URI Mapping module of several Huawei products. A remote attacker could send a carefully constructed ENUM message to the affected device by...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...