Apache Tomcat < 7.0.88 Vulnerability

Binary data 701337.pasl...

Apache Tomcat 7.0.28 < 7.0.88

The version of Tomcat installed on the remote host is prior to 7.0.88. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.88security-7 advisory. - An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop...

Apache Tomcat 7.0.28 < 7.0.88 Denial of Service

The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.88. It is, therefore, affected by a denial of service due to a bug in UTF-8 decoder. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number...

Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability - Windows

Apache Tomcat is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

Apache Tomcat Security Restriction Bypass Vulnerability (CNVD-2018-15543)

Tomcat server is a free and open source web application server that is a lightweight application server. A security bypass vulnerability exists in Apache Tomcat versions 7.0.25 through 7.0.88, 8.5.0 through 8.5.31, and 9.0.0.M1 and 9.0.9. A remote attacker could use this vulnerability to bypass...