CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

Apache Tomcat 7.0.23 < 7.0.91 Open Redirect

The version of Apache Tomcat installed on the remote host is 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 or 7.0.23 to 7.0.90. It is, therefore, affected by an open redirect vulnerability when the default servlet returned a redirect to a directory. Note that the scanner has not attempted to exploit these...

Apache Tomcat 7.0.x < 7.0.23 Hash Collision DoS

Binary data 6334.pasl...