Tomcat — контейнер сервлетов с открытым исходным кодом
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 262
GHSA-3p5r-7cw3-2m67
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
GHSA-vch7-92vf-jm44
Apache Tomcat does not follow ServletSecurity annotations
GHSA-9xrj-439h-62hg
Improper Authentication in Apache Tomcat
GHSA-28cq-6rmx-pjq4
Improper Authentication in Apache Tomcat
GHSA-h6c8-rg87-f3pc
Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
GHSA-cpr9-82wf-f629
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
GHSA-jgm2-m5cg-f66g
Authentication Bypass in Apache Tomcat
GHSA-pxwv-88pv-hh3j
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
GHSA-76vr-72mv-mf3q
Cross-Site Request Forgery in Apache Tomcat
GHSA-99rf-92v6-cwx4
Improper Access Control in Apache Tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-3p5r-7cw3-2m67 Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | 7% Низкий | больше 3 лет назад | |
| GHSA-vch7-92vf-jm44 Apache Tomcat does not follow ServletSecurity annotations | 16% Средний | больше 3 лет назад | |
| GHSA-9xrj-439h-62hg Improper Authentication in Apache Tomcat | 0% Низкий | больше 3 лет назад | |
| GHSA-28cq-6rmx-pjq4 Improper Authentication in Apache Tomcat | 1% Низкий | больше 3 лет назад | |
| GHSA-h6c8-rg87-f3pc Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users | 12% Средний | больше 3 лет назад | |
| GHSA-cpr9-82wf-f629 java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data. | 20% Средний | больше 3 лет назад | |
| GHSA-jgm2-m5cg-f66g Authentication Bypass in Apache Tomcat | 2% Низкий | больше 3 лет назад | |
| GHSA-pxwv-88pv-hh3j org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response. | 23% Средний | больше 3 лет назад | |
| GHSA-76vr-72mv-mf3q Cross-Site Request Forgery in Apache Tomcat | 10% Низкий | больше 3 лет назад | |
| GHSA-99rf-92v6-cwx4 Improper Access Control in Apache Tomcat | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу