Количество 8
Количество 8
GHSA-rq2w-37h9-vg94
Apache Tomcat improperly escapes input from JsonErrorReportValve

CVE-2022-45143
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.

CVE-2022-45143
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.

CVE-2022-45143
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.
CVE-2022-45143
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and ...

SUSE-SU-2023:1853-1
Security update for tomcat

BDU:2024-03597
Уязвимость класса JsonErrorReportValve сервера приложений Apache Tomcat, позволяющая нарушителю оказать влияние на целостность защищаемой информации

ROS-20240729-04
Уязвимость tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
---|---|---|---|---|
GHSA-rq2w-37h9-vg94 Apache Tomcat improperly escapes input from JsonErrorReportValve | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад | |
![]() | CVE-2022-45143 The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
![]() | CVE-2022-45143 The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
![]() | CVE-2022-45143 The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
CVE-2022-45143 The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and ... | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад | |
![]() | SUSE-SU-2023:1853-1 Security update for tomcat | 1% Низкий | больше 2 лет назад | |
![]() | BDU:2024-03597 Уязвимость класса JsonErrorReportValve сервера приложений Apache Tomcat, позволяющая нарушителю оказать влияние на целостность защищаемой информации | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
![]() | ROS-20240729-04 Уязвимость tomcat | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
Уязвимостей на страницу