Tomcat — контейнер сервлетов с открытым исходным кодом
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 262
SUSE-SU-2024:4105-1
Security update for tomcat10
SUSE-SU-2024:4075-1
Security update for tomcat
GHSA-f632-9449-3j4w
Apache Tomcat - XSS in generated JSPs
CVE-2024-52318
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
CVE-2024-52318
Incorrect object recycling and reuse vulnerability in Apache Tomcat. ...
CVE-2024-52318
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
GHSA-xcpr-7mr4-h4xq
Apache Tomcat - Authentication Bypass
GHSA-qvf5-hvjx-wm27
Apache Tomcat Request and/or response mix-up
CVE-2024-52318
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
CVE-2024-52317
Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | SUSE-SU-2024:4105-1 Security update for tomcat10 | 2% Низкий | около 1 года назад | |
| SUSE-SU-2024:4075-1 Security update for tomcat | 2% Низкий | около 1 года назад | |
| GHSA-f632-9449-3j4w Apache Tomcat - XSS in generated JSPs | CVSS3: 6.1 | 12% Средний | около 1 года назад |
 | CVE-2024-52318 Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. | CVSS3: 6.1 | 12% Средний | около 1 года назад |
| CVE-2024-52318 Incorrect object recycling and reuse vulnerability in Apache Tomcat. ... | CVSS3: 6.1 | 12% Средний | около 1 года назад |
 | CVE-2024-52318 Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. | CVSS3: 6.1 | 12% Средний | около 1 года назад |
| GHSA-xcpr-7mr4-h4xq Apache Tomcat - Authentication Bypass | CVSS3: 9.8 | 2% Низкий | около 1 года назад |
| GHSA-qvf5-hvjx-wm27 Apache Tomcat Request and/or response mix-up | CVSS3: 6.5 | 17% Средний | около 1 года назад |
 | CVE-2024-52318 Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. | CVSS3: 5.4 | 12% Средний | около 1 года назад |
| CVE-2024-52317 Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue. | CVSS3: 6.5 | 17% Средний | около 1 года назад |
Уязвимостей на страницу