Количество 13
Количество 13
GHSA-qxf4-chvg-4r8r
Potential HTTP request smuggling in Apache Tomcat
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0. ...
ELSA-2020-5020
ELSA-2020-5020: tomcat security update (LOW)
BDU:2020-03567
Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
SUSE-SU-2020:2611-1
Security update for tomcat
openSUSE-SU-2020:0345-1
Security update for tomcat
SUSE-SU-2020:0631-1
Security update for tomcat
SUSE-SU-2020:0598-1
Security update for tomcat
SUSE-SU-2020:0632-1
Security update for tomcat
RLSA-2020:4847
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-qxf4-chvg-4r8r Potential HTTP request smuggling in Apache Tomcat | CVSS3: 4.8 | 1% Низкий | почти 6 лет назад |
 | CVE-2020-1935 In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. | CVSS3: 4.8 | 1% Низкий | почти 6 лет назад |
 | CVE-2020-1935 In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. | CVSS3: 4.3 | 1% Низкий | почти 6 лет назад |
 | CVE-2020-1935 In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. | CVSS3: 4.8 | 1% Низкий | почти 6 лет назад |
| CVE-2020-1935 In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0. ... | CVSS3: 4.8 | 1% Низкий | почти 6 лет назад |
| ELSA-2020-5020 ELSA-2020-5020: tomcat security update (LOW) | около 5 лет назад | ||
 | BDU:2020-03567 Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 4.8 | 1% Низкий | почти 6 лет назад |
 | SUSE-SU-2020:2611-1 Security update for tomcat | больше 5 лет назад | ||
| openSUSE-SU-2020:0345-1 Security update for tomcat | почти 6 лет назад | ||
| SUSE-SU-2020:0631-1 Security update for tomcat | почти 6 лет назад | ||
| SUSE-SU-2020:0598-1 Security update for tomcat | почти 6 лет назад | ||
| SUSE-SU-2020:0632-1 Security update for tomcat | почти 6 лет назад | ||
 | RLSA-2020:4847 Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update | около 5 лет назад |
Уязвимостей на страницу