Tomcat — контейнер сервлетов с открытым исходным кодом
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 153
GHSA-x75h-2jg7-ffxw
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
GHSA-ggx9-4728-588r
Apache Tomcat Directory Traversal vulnerability
GHSA-hhjg-g8xq-hhr3
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
GHSA-j788-fx57-99wp
Cross-site scripting in Apache Tomcat
GHSA-w227-xcfx-3pj8
Exposure of Sensitive Information in Apache Tomcat
GHSA-5cw4-ggx9-36vg
Apache Tomcat Denial of Service via Malformed Request Headers
GHSA-7g59-hm8v-cwmc
Apache Tomcat information disclosure vulnerability
GHSA-5jpg-mjvg-hfhp
Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
GHSA-m7xj-ccqc-p4g2
Apache Tomcat Directory Traversal vulnerability
GHSA-m8h8-6rvg-f4mg
Apache Tomcat Path Traversal Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-x75h-2jg7-ffxw Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781. | 1% Низкий | больше 3 лет назад | |
| GHSA-ggx9-4728-588r Apache Tomcat Directory Traversal vulnerability | 15% Средний | больше 3 лет назад | |
| GHSA-hhjg-g8xq-hhr3 Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | CVSS3: 4.2 | 0% Низкий | больше 3 лет назад |
| GHSA-j788-fx57-99wp Cross-site scripting in Apache Tomcat | 21% Средний | больше 3 лет назад | |
| GHSA-w227-xcfx-3pj8 Exposure of Sensitive Information in Apache Tomcat | 89% Высокий | больше 3 лет назад | |
| GHSA-5cw4-ggx9-36vg Apache Tomcat Denial of Service via Malformed Request Headers | 32% Средний | больше 3 лет назад | |
| GHSA-7g59-hm8v-cwmc Apache Tomcat information disclosure vulnerability | 8% Низкий | больше 3 лет назад | |
| GHSA-5jpg-mjvg-hfhp Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve. | 4% Низкий | больше 3 лет назад | |
| GHSA-m7xj-ccqc-p4g2 Apache Tomcat Directory Traversal vulnerability | 93% Критический | больше 3 лет назад | |
| GHSA-m8h8-6rvg-f4mg Apache Tomcat Path Traversal Vulnerability | 89% Высокий | больше 3 лет назад |
Уязвимостей на страницу