exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 12

GHSA-q6x7-f33r-3wxx

около 3 лет назад

Incorrect Authorization in Apache Tomcat

CVSS3: 7.5

EPSS: Низкий

CVE-2016-6797

почти 8 лет назад

The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-6797

больше 8 лет назад

CVSS3: 3.7

EPSS: Низкий

CVE-2016-6797

почти 8 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2016-6797

почти 8 лет назад

The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9. ...

CVSS3: 7.5

EPSS: Низкий

ELSA-2017-2247

почти 8 лет назад

ELSA-2017-2247: tomcat security, bug fix, and enhancement update (LOW)

EPSS: Низкий

openSUSE-SU-2016:3144-1

больше 8 лет назад

Security update for tomcat

EPSS: Низкий

openSUSE-SU-2016:3129-1

больше 8 лет назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2016:3081-1

больше 8 лет назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2016:3079-1

больше 8 лет назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2017:1632-1

почти 8 лет назад

Security update for tomcat6

EPSS: Низкий

SUSE-SU-2017:1660-1

почти 8 лет назад

Security update for tomcat

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-q6x7-f33r-3wxx Incorrect Authorization in Apache Tomcat	CVSS3: 7.5	1% Низкий	около 3 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.	CVSS3: 7.5	1% Низкий	почти 8 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.	CVSS3: 3.7	1% Низкий	больше 8 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.	CVSS3: 7.5	1% Низкий	почти 8 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9. ...	CVSS3: 7.5	1% Низкий	почти 8 лет назад
ELSA-2017-2247 ELSA-2017-2247: tomcat security, bug fix, and enhancement update (LOW)			почти 8 лет назад
openSUSE-SU-2016:3144-1 Security update for tomcat			больше 8 лет назад
openSUSE-SU-2016:3129-1 Security update for tomcat			больше 8 лет назад
SUSE-SU-2016:3081-1 Security update for tomcat			больше 8 лет назад
SUSE-SU-2016:3079-1 Security update for tomcat			больше 8 лет назад
SUSE-SU-2017:1632-1 Security update for tomcat6			почти 8 лет назад
SUSE-SU-2017:1660-1 Security update for tomcat			почти 8 лет назад

Уязвимостей на страницу