exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 12

GHSA-q6x7-f33r-3wxx

больше 3 лет назад

Incorrect Authorization in Apache Tomcat

CVSS3: 7.5

EPSS: Низкий

CVE-2016-6797

около 8 лет назад

The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-6797

около 9 лет назад

CVSS3: 3.7

EPSS: Низкий

CVE-2016-6797

около 8 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2016-6797

около 8 лет назад

The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9. ...

CVSS3: 7.5

EPSS: Низкий

ELSA-2017-2247

больше 8 лет назад

ELSA-2017-2247: tomcat security, bug fix, and enhancement update (LOW)

EPSS: Низкий

openSUSE-SU-2016:3144-1

почти 9 лет назад

Security update for tomcat

EPSS: Низкий

openSUSE-SU-2016:3129-1

почти 9 лет назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2016:3081-1

почти 9 лет назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2016:3079-1

почти 9 лет назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2017:1632-1

больше 8 лет назад

Security update for tomcat6

EPSS: Низкий

SUSE-SU-2017:1660-1

больше 8 лет назад

Security update for tomcat

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-q6x7-f33r-3wxx Incorrect Authorization in Apache Tomcat	CVSS3: 7.5	1% Низкий	больше 3 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.	CVSS3: 7.5	1% Низкий	около 8 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.	CVSS3: 3.7	1% Низкий	около 9 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.	CVSS3: 7.5	1% Низкий	около 8 лет назад
CVE-2016-6797 The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9. ...	CVSS3: 7.5	1% Низкий	около 8 лет назад
ELSA-2017-2247 ELSA-2017-2247: tomcat security, bug fix, and enhancement update (LOW)			больше 8 лет назад
openSUSE-SU-2016:3144-1 Security update for tomcat			почти 9 лет назад
openSUSE-SU-2016:3129-1 Security update for tomcat			почти 9 лет назад
SUSE-SU-2016:3081-1 Security update for tomcat			почти 9 лет назад
SUSE-SU-2016:3079-1 Security update for tomcat			почти 9 лет назад
SUSE-SU-2017:1632-1 Security update for tomcat6			больше 8 лет назад
SUSE-SU-2017:1660-1 Security update for tomcat			больше 8 лет назад

Уязвимостей на страницу