what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2021-25329

Status Candidate

Overview

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Related Files

Gentoo Linux Security Advisory 202208-34
Posted Aug 22, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-34 - Multiple vulnerabilities have been discovered in Apache Tomcat, the worst of which could result in denial of service. Versions less than 8.5.82:8.5 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-25122, CVE-2021-25329, CVE-2021-30639, CVE-2021-30640, CVE-2021-33037, CVE-2021-42340, CVE-2022-34305
SHA-256 | 077be2b54802b552aa2444c9d86f7b9f2b66179442ffb4c75ef491cd837caab4
Red Hat Security Advisory 2021-3425-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3425-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.10 serves as a replacement for Red Hat support for Spring Boot 2.3.6, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-27782, CVE-2021-24122, CVE-2021-25122, CVE-2021-25329, CVE-2021-3690
SHA-256 | 02316b7c2348dea628bd4fbd8f3a6138b2c22f74d360890d138f3a9524b08dde
Red Hat Security Advisory 2021-2561-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
SHA-256 | f3cd1db006604fa6b5ec96f64cd45152cf6b247c0b550fab1007a90fe65d5bff
Red Hat Security Advisory 2021-2562-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
SHA-256 | 7483c97d1f9fb372e81b8472c214b78b36b64578a63172ce3a020369a769c580
Debian Security Advisory 4891-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4891-1 - Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2021-25122, CVE-2021-25329
SHA-256 | 1cc0c8e922520ac710a5eb680952a81085830ab697d578ee126aa8cdb6ed32ad
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close