Описание
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tomcat10 | fixed | 10.1.33-1 | package | |
| tomcat10 | not-affected | bookworm | package | |
| tomcat9 | not-affected | package |
Примечания
https://lists.apache.org/thread/co243cw1nlh6p521c5265cm839wkqdp9
Fixed by: https://github.com/apache/tomcat/commit/9813c5dd3259183f659bbb83312a5cf673cc1ebf (9.0.97)
Fixed by: https://github.com/apache/tomcat/commit/be8e32143a3159e78fe5463d09bb8e1b33bf2b1f (10.1.32)
Introduced by: https://github.com/apache/tomcat/commit/397ea8b7461bdeaad8b7f005fca3cdd31df4be2a (9.0.96)
Introduced by: https://github.com/apache/tomcat/commit/995625caa294e5f29b56893db85291d2919d8035 (10.1.31)
EPSS
Связанные уязвимости
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
Уязвимость сервера приложений Apache Tomcat, связанная с недостаточно стойким шифрованием данных, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
EPSS