Count: 1,143
Vulnerability | CVSS | EPSS | Published
---|---|---|---
GHSA-42j3-498q-m6vp Improper Input Validation in Apache Tomcat | | 86% High | about 3 years ago
GHSA-3xpj-jgv5-q4vv Access restriction bypass in Apache Tomcat | | 2% Low | about 3 years ago
GHSA-3vx3-xf6q-r5xp Exposure of Resource to Wrong Sphere in Apache Tomcat | CVSS3: 9.1 | 6% Low | about 3 years ago
GHSA-3vp9-jf7f-cv3c Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007. | | 18% Medium | more than 3 years ago
GHSA-3p86-xgrq-m6p6 Improper Neutralization of Input During Web Page Generation in Apache Tomcat | | 32% Medium | more than 3 years ago
GHSA-3p5r-7cw3-2m67 Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | | 7% Low | about 3 years ago
GHSA-3p2h-wqq4-wf4h Apache Tomcat Denial of Service via invalid HTTP priority header | | 1% Low | 3 months ago
GHSA-3gv7-3h64-78cm Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | CVSS3: 7.5 | 3% Low | about 3 years ago
GHSA-372q-33vh-8mpc Inconsistent documentation in Apache Tomcat | CVSS3: 5.3 | 5% Low | about 3 years ago
GHSA-36hp-4x3g-phrg Apache Tomcat's CookieExample Vulnerable to XSS | | 3% Low | more than 3 years ago
GHSA-2w2w-cv3h-rr38 Apache Tomcat Reveals Path through Long URL | | 3% Low | more than 3 years ago
GHSA-2c9m-w27f-53rm Apache Tomcat vulnerable to Unprotected Transport of Credentials | CVSS3: 4.3 | 0% Low | more than 2 years ago
GHSA-28cq-6rmx-pjq4 Improper Authentication in Apache Tomcat | | 3% Low | about 3 years ago
GHSA-27hp-xhwr-wr2m Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability | | 15% Medium | 8 months ago
GHSA-25xr-qj8w-c4vf Apache Tomcat Coyote vulnerable to Denial of Service via excessive HTTP/2 streams | CVSS3: 7.5 | 0% Low | 30 days ago
CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 7.5 | 0% Low | 30 days ago
CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 5.3 | 0% Low | 30 days ago
CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 7.5 | 0% Low | 30 days ago
CVE-2025-53506 Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an ... | CVSS3: 7.5 | 0% Low | 30 days ago
CVE-2025-52520 For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | CVSS3: 7.5 | 0% Low | 30 days ago