Lucene search
+L

5 matches found

OSV
OSV
added 2024/03/06 11:9 a.m.51 views

BIT-TOMCAT-2022-29885 EncryptInterceptor does not provide complete protection on insecure networks

The documentation of Apache Tomcat 10.1.0 to 10.1.0, 10.0.0 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentialit...

7.5CVSS7.1AI score0.73139EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2022/05/13 12:0 a.m.21 views

Apache Tomcat 10.1.0-M1 < 10.1.0-M15 EncryptInterceptor DoS

The version of Apache Tomcat installed on the remote host is 8.5.38 to 8.5.78, 9.0.13 to 9.0.62, 10.0.0-M1 to 10.0.20 or 10.1.0-M1 to 10.1.0-M14. It is, therefore, affected by a denial of service vulnerability. The documentation for the EncryptInterceptor incorrectly stated it enabled Tomcat...

7.5CVSS7.9AI score0.73139EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.381 views

Apache Tomcat 8.5.38 < 8.5.79

The version of Tomcat installed on the remote host is prior to 8.5.79. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.79security-8 advisory. - The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 t...

7.5CVSS8AI score0.73139EPSS
Exploits5References3
ATTACKERKB
ATTACKERKB
added 2021/09/14 12:15 p.m.6 views

CVE-2021-38177

SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null pointer dereference vulnerability when an unauthenticated attacker sends crafted malicious data in the HTTP requests over the network, this causes the SAP application to crash and has high impact on the availability of the SAP syst...

7.5CVSS7.1AI score0.03223EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2019/04/16 12:0 a.m.62 views

Apache Tomcat DoS Vulnerability (Mar 2019) - Linux

Apache Tomcat is prone to a denial of service vulnerability in the HTTP/2 implementation. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.6AI score0.72855EPSS
Exploits0References2
Rows per page
Query Builder