Количество 10
Количество 10
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
CVE-2015-5346
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ...
GHSA-jrcp-c39h-r29x
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
BDU:2016-00612
Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю получить доступ к веб-сессиям
ELSA-2016-2046
ELSA-2016-2046: tomcat security update (IMPORTANT)
openSUSE-SU-2016:0865-1
Security update for tomcat
SUSE-SU-2016:0822-1
Security update for tomcat
SUSE-SU-2016:0769-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 19% Средний | больше 9 лет назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 19% Средний | больше 9 лет назад |
 | CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. | CVSS3: 8.1 | 19% Средний | больше 9 лет назад |
| CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ... | CVSS3: 8.1 | 19% Средний | больше 9 лет назад |
| GHSA-jrcp-c39h-r29x Improper Neutralization of Input During Web Page Generation in Apache Tomcat | CVSS3: 8.1 | 19% Средний | около 3 лет назад |
 | BDU:2016-00612 Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю получить доступ к веб-сессиям | CVSS2: 6.8 | 19% Средний | больше 9 лет назад |
| ELSA-2016-2046 ELSA-2016-2046: tomcat security update (IMPORTANT) | больше 8 лет назад | ||
 | openSUSE-SU-2016:0865-1 Security update for tomcat | около 9 лет назад | ||
| SUSE-SU-2016:0822-1 Security update for tomcat | больше 9 лет назад | ||
| SUSE-SU-2016:0769-1 Security update for tomcat | больше 9 лет назад |
Уязвимостей на страницу