Ubuntu Security Notice 6943-1 - It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS It was discovered that Tomcat incorrectly handled certain HTTP/2 connection requests. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. This issue only affected tomcat8 for Ubuntu 18.04 LTS
f0aa0eff0ede3e5e3704517eb7ba3f99160da85aee66c59e0606b7a0e59f71b9Gentoo Linux Security Advisory 202208-34 - Multiple vulnerabilities have been discovered in Apache Tomcat, the worst of which could result in denial of service. Versions less than 8.5.82:8.5 are affected.
077be2b54802b552aa2444c9d86f7b9f2b66179442ffb4c75ef491cd837caab4Red Hat Security Advisory 2022-5532-01 - This release of Red Hat Fuse 7.11.0 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include HTTP request smuggling, bypass, code execution, denial of service, deserialization, information leakage, memory leak, privilege escalation, and traversal vulnerabilities.
bb1e647fa42f38704fbcd2b6ff10735507518a390af17287d786d4d0cef46102Ubuntu Security Notice 5360-1 - It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Tomcat did not properly validate the input length. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service.
3436d55d788ad60834f3280cd7d2491a02f126d834178f1f7bb6700121442cf9Red Hat Security Advisory 2021-3425-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.10 serves as a replacement for Red Hat support for Spring Boot 2.3.6, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and information leakage vulnerabilities.
02316b7c2348dea628bd4fbd8f3a6138b2c22f74d360890d138f3a9524b08ddeRed Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.
f3cd1db006604fa6b5ec96f64cd45152cf6b247c0b550fab1007a90fe65d5bffRed Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.
7483c97d1f9fb372e81b8472c214b78b36b64578a63172ce3a020369a769c580Debian Linux Security Advisory 4891-1 - Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service.
1cc0c8e922520ac710a5eb680952a81085830ab697d578ee126aa8cdb6ed32ad
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed