Количество 11
Количество 11
BDU:2017-02035
Уязвимость фильтра CORS сервера приложений Apache Tomcat, позволяющая нарушителю осуществить заражение клиента и сервера при определенных обстоятельствах
CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.1 ...
GHSA-73rx-3f9r-x949
Insufficient Verification of Data Authenticity in Apache Tomcat
openSUSE-SU-2017:3069-1
Security update for tomcat
SUSE-SU-2017:3279-1
Security update for tomcat
SUSE-SU-2017:3039-1
Security update for tomcat
ELSA-2017-3081
ELSA-2017-3081: tomcat security update (IMPORTANT)
SUSE-SU-2017:3059-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2017-02035 Уязвимость фильтра CORS сервера приложений Apache Tomcat, позволяющая нарушителю осуществить заражение клиента и сервера при определенных обстоятельствах | CVSS2: 4.3 | 5% Низкий | больше 8 лет назад |
 | CVE-2017-7674 The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. | CVSS3: 4.3 | 5% Низкий | больше 8 лет назад |
 | CVE-2017-7674 The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. | CVSS3: 5.9 | 5% Низкий | больше 8 лет назад |
 | CVE-2017-7674 The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. | CVSS3: 4.3 | 5% Низкий | больше 8 лет назад |
| CVE-2017-7674 The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.1 ... | CVSS3: 4.3 | 5% Низкий | больше 8 лет назад |
| GHSA-73rx-3f9r-x949 Insufficient Verification of Data Authenticity in Apache Tomcat | CVSS3: 4.3 | 5% Низкий | больше 3 лет назад |
 | openSUSE-SU-2017:3069-1 Security update for tomcat | около 8 лет назад | ||
| SUSE-SU-2017:3279-1 Security update for tomcat | почти 8 лет назад | ||
| SUSE-SU-2017:3039-1 Security update for tomcat | около 8 лет назад | ||
| ELSA-2017-3081 ELSA-2017-3081: tomcat security update (IMPORTANT) | около 8 лет назад | ||
| SUSE-SU-2017:3059-1 Security update for tomcat | около 8 лет назад |
Уязвимостей на страницу