Количество 14
Количество 14
GHSA-fccv-jmmp-qg76
Apache Tomcat Improper Input Validation vulnerability
CVE-2023-46589
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
CVE-2023-46589
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
CVE-2023-46589
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
CVE-2023-46589
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 1 ...
SUSE-SU-2024:0209-1
Security update for tomcat
SUSE-SU-2024:0208-1
Security update for tomcat10
SUSE-SU-2024:0206-1
Security update for tomcat
RLSA-2024:0539
Important: tomcat security update
ELSA-2024-1134
ELSA-2024-1134: tomcat security update (IMPORTANT)
ELSA-2024-0539
ELSA-2024-0539: tomcat security update (IMPORTANT)
BDU:2024-01300
Уязвимость сервера приложений Apache Tomcat, связанная с непоследовательной интерпретацией HTTP-запросов, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
SUSE-SU-2024:0472-1
Security update for tomcat
ROS-20240405-12
Множественные уязвимости tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-fccv-jmmp-qg76 Apache Tomcat Improper Input Validation vulnerability | CVSS3: 7.5 | 45% Средний | больше 1 года назад |
 | CVE-2023-46589 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue. | CVSS3: 7.5 | 45% Средний | больше 1 года назад |
 | CVE-2023-46589 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue. | CVSS3: 7.5 | 45% Средний | больше 1 года назад |
 | CVE-2023-46589 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue. | CVSS3: 7.5 | 45% Средний | больше 1 года назад |
| CVE-2023-46589 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 1 ... | CVSS3: 7.5 | 45% Средний | больше 1 года назад |
 | SUSE-SU-2024:0209-1 Security update for tomcat | 45% Средний | больше 1 года назад | |
| SUSE-SU-2024:0208-1 Security update for tomcat10 | 45% Средний | больше 1 года назад | |
| SUSE-SU-2024:0206-1 Security update for tomcat | 45% Средний | больше 1 года назад | |
 | RLSA-2024:0539 Important: tomcat security update | 45% Средний | больше 1 года назад | |
| ELSA-2024-1134 ELSA-2024-1134: tomcat security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-0539 ELSA-2024-0539: tomcat security update (IMPORTANT) | больше 1 года назад | ||
 | BDU:2024-01300 Уязвимость сервера приложений Apache Tomcat, связанная с непоследовательной интерпретацией HTTP-запросов, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 7.5 | 45% Средний | больше 1 года назад |
| SUSE-SU-2024:0472-1 Security update for tomcat | больше 1 года назад | ||
 | ROS-20240405-12 Множественные уязвимости tomcat | CVSS3: 7.5 | около 1 года назад |
Уязвимостей на страницу