Tomcat — контейнер сервлетов с открытым исходным кодом
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 153
GHSA-cxg2-49rq-8gcr
Apache Tomcat does not properly handle an invalid Transfer-Encoding header
GHSA-hffm-fqv4-w27r
Improper Authentication in Apache Tomcat
GHSA-9ggm-7897-x4mg
Improper Input Validation in Apache Tomcat
GHSA-7mg3-pr99-8rh7
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
GHSA-c57p-3v2g-w9rg
Insertion of Sensitive Information into Log File in Apache Tomcat
GHSA-4f7h-9j2x-cmr4
Improper Authentication in Apache Tomcat
GHSA-6cr4-7c7p-p3xv
Use of Hard-coded Cryptographic Key in Apache Tomcat
GHSA-fj6c-prgj-gr3r
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
GHSA-q9xf-jwr4-v445
Authentication Bypass in Apache Tomcat
GHSA-c38m-v4m2-524v
Apache Tomcat Allows Remote Attackers to Spoof AJP Requests
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-cxg2-49rq-8gcr Apache Tomcat does not properly handle an invalid Transfer-Encoding header | 65% Средний | больше 3 лет назад | |
| GHSA-hffm-fqv4-w27r Improper Authentication in Apache Tomcat | 2% Низкий | больше 3 лет назад | |
| GHSA-9ggm-7897-x4mg Improper Input Validation in Apache Tomcat | 0% Низкий | больше 3 лет назад | |
| GHSA-7mg3-pr99-8rh7 native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application. | 9% Низкий | больше 3 лет назад | |
| GHSA-c57p-3v2g-w9rg Insertion of Sensitive Information into Log File in Apache Tomcat | 0% Низкий | больше 3 лет назад | |
| GHSA-4f7h-9j2x-cmr4 Improper Authentication in Apache Tomcat | 3% Низкий | больше 3 лет назад | |
| GHSA-6cr4-7c7p-p3xv Use of Hard-coded Cryptographic Key in Apache Tomcat | 5% Низкий | больше 3 лет назад | |
| GHSA-fj6c-prgj-gr3r Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat | 0% Низкий | больше 3 лет назад | |
| GHSA-q9xf-jwr4-v445 Authentication Bypass in Apache Tomcat | 5% Низкий | больше 3 лет назад | |
| GHSA-c38m-v4m2-524v Apache Tomcat Allows Remote Attackers to Spoof AJP Requests | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу