Количество 37
Количество 37
ELSA-2019-2205
ELSA-2019-2205: tomcat security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2018:3261-1
Security update for tomcat
SUSE-SU-2018:3388-1
Security update for tomcat
openSUSE-SU-2018:0852-1
Security update for tomcat
SUSE-SU-2018:0817-1
Security update for tomcat
CVE-2018-1305
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
CVE-2018-1305
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
CVE-2018-1305
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
CVE-2018-1305
Security constraints defined by annotations of Servlets in Apache Tomc ...
GHSA-jx6h-3fjx-cgv5
Apache Tomcat information exposure vulnerability
BDU:2019-01758
Уязвимость сервера приложений Apache Tomcat, связанная с недостатками контроля доступа, позволяющая нарушителю повысить свои привилегии
openSUSE-SU-2018:3054-1
Security update for tomcat
openSUSE-SU-2018:2740-1
Security update for tomcat
SUSE-SU-2018:3011-2
Security update for tomcat
SUSE-SU-2018:3011-1
Security update for tomcat
SUSE-SU-2018:2699-1
Security update for tomcat
RLSA-2019:1529
Important: pki-deps:10.6 security update
ELSA-2019-1529
ELSA-2019-1529: pki-deps:10.6 security update (IMPORTANT)
CVE-2018-8034
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.
CVE-2018-8034
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2019-2205 ELSA-2019-2205: tomcat security, bug fix, and enhancement update (MODERATE) | около 6 лет назад | ||
 | SUSE-SU-2018:3261-1 Security update for tomcat | около 7 лет назад | ||
| SUSE-SU-2018:3388-1 Security update for tomcat | около 7 лет назад | ||
| openSUSE-SU-2018:0852-1 Security update for tomcat | больше 7 лет назад | ||
| SUSE-SU-2018:0817-1 Security update for tomcat | больше 7 лет назад | ||
 | CVE-2018-1305 Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. | CVSS3: 6.5 | 4% Низкий | больше 7 лет назад |
 | CVE-2018-1305 Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. | CVSS3: 4.8 | 4% Низкий | больше 7 лет назад |
 | CVE-2018-1305 Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. | CVSS3: 6.5 | 4% Низкий | больше 7 лет назад |
| CVE-2018-1305 Security constraints defined by annotations of Servlets in Apache Tomc ... | CVSS3: 6.5 | 4% Низкий | больше 7 лет назад |
| GHSA-jx6h-3fjx-cgv5 Apache Tomcat information exposure vulnerability | CVSS3: 6.5 | 4% Низкий | около 7 лет назад |
 | BDU:2019-01758 Уязвимость сервера приложений Apache Tomcat, связанная с недостатками контроля доступа, позволяющая нарушителю повысить свои привилегии | CVSS3: 6.5 | 4% Низкий | больше 7 лет назад |
| openSUSE-SU-2018:3054-1 Security update for tomcat | около 7 лет назад | ||
| openSUSE-SU-2018:2740-1 Security update for tomcat | около 7 лет назад | ||
| SUSE-SU-2018:3011-2 Security update for tomcat | почти 7 лет назад | ||
| SUSE-SU-2018:3011-1 Security update for tomcat | почти 7 лет назад | ||
| SUSE-SU-2018:2699-1 Security update for tomcat | около 7 лет назад | ||
 | RLSA-2019:1529 Important: pki-deps:10.6 security update | больше 6 лет назад | ||
| ELSA-2019-1529 ELSA-2019-1529: pki-deps:10.6 security update (IMPORTANT) | больше 6 лет назад | ||
| CVE-2018-8034 The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88. | CVSS3: 7.5 | 6% Низкий | больше 7 лет назад |
| CVE-2018-8034 The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88. | CVSS3: 4.3 | 6% Низкий | больше 7 лет назад |
Уязвимостей на страницу