Количество 10
Количество 10
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ...
GHSA-jrcp-c39h-r29x
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
BDU:2016-00612
Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю получить доступ к веб-сессиям
ELSA-2016-2046
ELSA-2016-2046: tomcat security update (IMPORTANT)
openSUSE-SU-2016:0865-1
Security update for tomcat
SUSE-SU-2016:0822-1
Security update for tomcat
SUSE-SU-2016:0769-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 36% Средний | почти 10 лет назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 36% Средний | почти 10 лет назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 36% Средний | почти 10 лет назад |
| CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ... | CVSS3: 8.1 | 36% Средний | почти 10 лет назад |
| GHSA-jrcp-c39h-r29x Improper Neutralization of Input During Web Page Generation in Apache Tomcat | CVSS3: 8.1 | 36% Средний | больше 3 лет назад |
 | BDU:2016-00612 Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю получить доступ к веб-сессиям | CVSS2: 6.8 | 36% Средний | почти 10 лет назад |
| ELSA-2016-2046 ELSA-2016-2046: tomcat security update (IMPORTANT) | больше 9 лет назад | ||
 | openSUSE-SU-2016:0865-1 Security update for tomcat | почти 10 лет назад | ||
| SUSE-SU-2016:0822-1 Security update for tomcat | почти 10 лет назад | ||
| SUSE-SU-2016:0769-1 Security update for tomcat | почти 10 лет назад |
Уязвимостей на страницу