Количество 35
Количество 35
SUSE-SU-2018:1847-1
Security update for tomcat6
ELSA-2017-1809
ELSA-2017-1809: tomcat security update (IMPORTANT)
SUSE-SU-2017:1660-1
Security update for tomcat
CVE-2017-12615
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12615
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12615
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12615
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs e ...
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22 ...
GHSA-pjfr-qf3p-3q25
When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server
GHSA-xjgh-84hx-56c5
Unrestricted Upload of File with Dangerous Type Apache Tomcat
BDU:2023-01045
Уязвимость сервера приложений Apache Tomcat, связанная с отсутствием ограничений на загрузку файлов, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2021:14705-1
Security update for tomcat6
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2018:1847-1 Security update for tomcat6 | почти 7 лет назад | ||
| ELSA-2017-1809 ELSA-2017-1809: tomcat security update (IMPORTANT) | почти 8 лет назад | ||
| SUSE-SU-2017:1660-1 Security update for tomcat | почти 8 лет назад | ||
 | CVE-2017-12615 When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | CVSS3: 8.1 | 94% Критический | почти 8 лет назад |
 | CVE-2017-12615 When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | CVSS3: 8.1 | 94% Критический | почти 8 лет назад |
 | CVE-2017-12615 When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | CVSS3: 8.1 | 94% Критический | почти 8 лет назад |
| CVE-2017-12615 When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs e ... | CVSS3: 8.1 | 94% Критический | почти 8 лет назад |
| CVE-2017-12617 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | CVSS3: 8.1 | 94% Критический | больше 7 лет назад |
| CVE-2017-12617 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | CVSS3: 8.1 | 94% Критический | больше 7 лет назад |
| CVE-2017-12617 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. | CVSS3: 8.1 | 94% Критический | больше 7 лет назад |
| CVE-2017-12617 When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22 ... | CVSS3: 8.1 | 94% Критический | больше 7 лет назад |
| GHSA-pjfr-qf3p-3q25 When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server | CVSS3: 8.1 | 94% Критический | больше 6 лет назад |
| GHSA-xjgh-84hx-56c5 Unrestricted Upload of File with Dangerous Type Apache Tomcat | CVSS3: 8.1 | 94% Критический | около 3 лет назад |
 | BDU:2023-01045 Уязвимость сервера приложений Apache Tomcat, связанная с отсутствием ограничений на загрузку файлов, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.1 | 94% Критический | больше 7 лет назад |
| SUSE-SU-2021:14705-1 Security update for tomcat6 | около 4 лет назад |
Уязвимостей на страницу