Количество 10
Количество 10
GHSA-jrcp-c39h-r29x
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ...
BDU:2016-00612
Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю получить доступ к веб-сессиям
ELSA-2016-2046
ELSA-2016-2046: tomcat security update (IMPORTANT)
openSUSE-SU-2016:0865-1
Security update for tomcat
SUSE-SU-2016:0822-1
Security update for tomcat
SUSE-SU-2016:0769-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-jrcp-c39h-r29x Improper Neutralization of Input During Web Page Generation in Apache Tomcat | CVSS3: 8.1 | 36% Средний | почти 4 года назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 36% Средний | около 10 лет назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 36% Средний | около 10 лет назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 36% Средний | около 10 лет назад |
| CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ... | CVSS3: 8.1 | 36% Средний | около 10 лет назад |
 | BDU:2016-00612 Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю получить доступ к веб-сессиям | CVSS2: 6.8 | 36% Средний | около 10 лет назад |
| ELSA-2016-2046 ELSA-2016-2046: tomcat security update (IMPORTANT) | больше 9 лет назад | ||
 | openSUSE-SU-2016:0865-1 Security update for tomcat | около 10 лет назад | ||
| SUSE-SU-2016:0822-1 Security update for tomcat | около 10 лет назад | ||
| SUSE-SU-2016:0769-1 Security update for tomcat | около 10 лет назад |
Уязвимостей на страницу