Количество 1 263
Количество 1 263
SUSE-SU-2015:1281-1
Security update for tomcat
RLSA-2025:7494
Moderate: tomcat9 security update
RLSA-2024:0539
Important: tomcat security update
GHSA-xmf4-j3j7-xj7q
Apache Tomcat DoS Via Requests Including Null Characters
GHSA-xmc9-6p56-3c4v
Apache Tomcat XSS In Accept-Language Headers
GHSA-xh5x-j8jf-pcpx
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
GHSA-xcpr-7mr4-h4xq
Apache Tomcat - Authentication Bypass
GHSA-x89r-2wjq-mj7x
Apache Tomcat Discloses MS-DOS Pathname
GHSA-x75h-2jg7-ffxw
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
GHSA-x445-mmpw-7r4f
Apache Tomcat Allows Source Disclosure
GHSA-wr62-c79q-cv37
Apache Tomcat Catalina is vulnerable to DoS attack through bypassing of size limits
GHSA-wr3m-gw98-mc3j
Improper Input Validation in Apache Tomcat
GHSA-wq2p-q66w-q8gp
Apache Tomcat Denial of Service vulnerability
GHSA-wmwf-9ccg-fff5
Apache Tomcat Vulnerable to Relative Path Traversal
GHSA-wjwr-3jch-479j
Apache Tomcat SendMailServlet XSS
GHSA-wfvx-wr33-m97w
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory.
GHSA-wfj7-mhr5-pcwq
Apache Tomcat Reveals Directories
GHSA-wf5v-jhxj-q632
Denial of service in Apache Tomcat
GHSA-wc4r-xq3c-5cf3
Apache Tomcat - Security constraint bypass for pre/post-resources
GHSA-w97x-xfxf-f9xj
Jakarta Tomcat Denial of Service vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2015:1281-1 Security update for tomcat | 12% Средний | больше 10 лет назад | |
 | RLSA-2025:7494 Moderate: tomcat9 security update | 94% Критический | 3 месяца назад | |
| RLSA-2024:0539 Important: tomcat security update | 55% Средний | почти 2 года назад | |
| GHSA-xmf4-j3j7-xj7q Apache Tomcat DoS Via Requests Including Null Characters | 3% Низкий | больше 3 лет назад | |
| GHSA-xmc9-6p56-3c4v Apache Tomcat XSS In Accept-Language Headers | 45% Средний | больше 3 лет назад | |
| GHSA-xh5x-j8jf-pcpx Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat | 71% Высокий | больше 3 лет назад | |
| GHSA-xcpr-7mr4-h4xq Apache Tomcat - Authentication Bypass | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
| GHSA-x89r-2wjq-mj7x Apache Tomcat Discloses MS-DOS Pathname | 18% Средний | больше 3 лет назад | |
| GHSA-x75h-2jg7-ffxw Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781. | 1% Низкий | больше 3 лет назад | |
| GHSA-x445-mmpw-7r4f Apache Tomcat Allows Source Disclosure | 22% Средний | больше 3 лет назад | |
| GHSA-wr62-c79q-cv37 Apache Tomcat Catalina is vulnerable to DoS attack through bypassing of size limits | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
| GHSA-wr3m-gw98-mc3j Improper Input Validation in Apache Tomcat | 72% Высокий | больше 3 лет назад | |
| GHSA-wq2p-q66w-q8gp Apache Tomcat Denial of Service vulnerability | 71% Высокий | больше 3 лет назад | |
| GHSA-wmwf-9ccg-fff5 Apache Tomcat Vulnerable to Relative Path Traversal | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-wjwr-3jch-479j Apache Tomcat SendMailServlet XSS | 38% Средний | больше 3 лет назад | |
| GHSA-wfvx-wr33-m97w The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| GHSA-wfj7-mhr5-pcwq Apache Tomcat Reveals Directories | 56% Средний | больше 3 лет назад | |
| GHSA-wf5v-jhxj-q632 Denial of service in Apache Tomcat | 10% Низкий | больше 3 лет назад | |
| GHSA-wc4r-xq3c-5cf3 Apache Tomcat - Security constraint bypass for pre/post-resources | 0% Низкий | 6 месяцев назад | |
| GHSA-w97x-xfxf-f9xj Jakarta Tomcat Denial of Service vulnerability | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу