Количество 13
Количество 13
GHSA-5j33-cvvr-w245
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
CVE-2024-50379
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
CVE-2024-50379
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
CVE-2024-50379
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
CVE-2024-50379
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during ...
BDU:2024-11286
Уязвимость сервлета DefaultServlet сервера приложений Apache Tomcat, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2025:0394-1
Security update for tomcat
RLSA-2025:3683
Moderate: tomcat security update
ELSA-2025-3683
ELSA-2025-3683: tomcat security update (MODERATE)
ELSA-2025-3645
ELSA-2025-3645: tomcat security update (MODERATE)
SUSE-SU-2025:0058-1
Security update for tomcat
SUSE-SU-2025:0033-1
Security update for tomcat10
ROS-20250110-12
Множественные уязвимости tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-5j33-cvvr-w245 Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability | CVSS3: 9.8 | 87% Высокий | 11 месяцев назад |
 | CVE-2024-50379 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. | CVSS3: 9.8 | 87% Высокий | 11 месяцев назад |
 | CVE-2024-50379 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. | CVSS3: 8.1 | 87% Высокий | 11 месяцев назад |
 | CVE-2024-50379 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. | CVSS3: 9.8 | 87% Высокий | 11 месяцев назад |
| CVE-2024-50379 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during ... | CVSS3: 9.8 | 87% Высокий | 11 месяцев назад |
 | BDU:2024-11286 Уязвимость сервлета DefaultServlet сервера приложений Apache Tomcat, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 87% Высокий | 11 месяцев назад |
 | SUSE-SU-2025:0394-1 Security update for tomcat | 9 месяцев назад | ||
 | RLSA-2025:3683 Moderate: tomcat security update | 3 месяца назад | ||
| ELSA-2025-3683 ELSA-2025-3683: tomcat security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2025-3645 ELSA-2025-3645: tomcat security update (MODERATE) | 7 месяцев назад | ||
| SUSE-SU-2025:0058-1 Security update for tomcat | 9 месяцев назад | ||
| SUSE-SU-2025:0033-1 Security update for tomcat10 | 9 месяцев назад | ||
 | ROS-20250110-12 Множественные уязвимости tomcat | CVSS3: 9.8 | 10 месяцев назад |
Уязвимостей на страницу