Количество 13
Количество 13
GHSA-jc7p-5r39-9477
Improper Input Validation in Apache Tomcat
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0 ...
ELSA-2017-0935
ELSA-2017-0935: tomcat security update (MODERATE)
ELSA-2017-0527
ELSA-2017-0527: tomcat6 security update (MODERATE)
openSUSE-SU-2016:3144-1
Security update for tomcat
openSUSE-SU-2016:3129-1
Security update for tomcat
SUSE-SU-2016:3081-1
Security update for tomcat
SUSE-SU-2016:3079-1
Security update for tomcat
SUSE-SU-2017:1632-1
Security update for tomcat6
SUSE-SU-2017:1660-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-jc7p-5r39-9477 Improper Input Validation in Apache Tomcat | CVSS3: 7.1 | 3% Низкий | около 3 лет назад |
 | CVE-2016-6816 The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. | CVSS3: 7.1 | 3% Низкий | около 8 лет назад |
 | CVE-2016-6816 The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. | CVSS3: 6.5 | 3% Низкий | больше 8 лет назад |
 | CVE-2016-6816 The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. | CVSS3: 7.1 | 3% Низкий | около 8 лет назад |
| CVE-2016-6816 The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0 ... | CVSS3: 7.1 | 3% Низкий | около 8 лет назад |
| ELSA-2017-0935 ELSA-2017-0935: tomcat security update (MODERATE) | около 8 лет назад | ||
| ELSA-2017-0527 ELSA-2017-0527: tomcat6 security update (MODERATE) | больше 8 лет назад | ||
 | openSUSE-SU-2016:3144-1 Security update for tomcat | больше 8 лет назад | ||
| openSUSE-SU-2016:3129-1 Security update for tomcat | больше 8 лет назад | ||
| SUSE-SU-2016:3081-1 Security update for tomcat | больше 8 лет назад | ||
| SUSE-SU-2016:3079-1 Security update for tomcat | больше 8 лет назад | ||
| SUSE-SU-2017:1632-1 Security update for tomcat6 | почти 8 лет назад | ||
| SUSE-SU-2017:1660-1 Security update for tomcat | почти 8 лет назад |
Уязвимостей на страницу