Количество 12
Количество 12
CVE-2018-1304
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.
CVE-2018-1304
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.
CVE-2018-1304
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.
CVE-2018-1304
The URL pattern of "" (the empty string) which exactly maps to the con ...
GHSA-6rxj-58jh-436r
Apache Tomcat unauthorized access vulnerability
BDU:2019-01759
Уязвимость сервера приложений Apache Tomcat, связанная с ошибками в настройках безопасности, позволяющая нарушителю получить доступ к ресурсам веб-приложений
SUSE-SU-2018:1847-1
Security update for tomcat6
openSUSE-SU-2018:0852-1
Security update for tomcat
SUSE-SU-2018:0817-1
Security update for tomcat
ELSA-2019-2205
ELSA-2019-2205: tomcat security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2018:3261-1
Security update for tomcat
SUSE-SU-2018:3388-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1304 The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. | CVSS3: 5.9 | 2% Низкий | больше 7 лет назад |
 | CVE-2018-1304 The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. | CVSS3: 6.5 | 2% Низкий | больше 7 лет назад |
 | CVE-2018-1304 The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. | CVSS3: 5.9 | 2% Низкий | больше 7 лет назад |
| CVE-2018-1304 The URL pattern of "" (the empty string) which exactly maps to the con ... | CVSS3: 5.9 | 2% Низкий | больше 7 лет назад |
| GHSA-6rxj-58jh-436r Apache Tomcat unauthorized access vulnerability | CVSS3: 5.9 | 2% Низкий | больше 6 лет назад |
 | BDU:2019-01759 Уязвимость сервера приложений Apache Tomcat, связанная с ошибками в настройках безопасности, позволяющая нарушителю получить доступ к ресурсам веб-приложений | CVSS3: 5.9 | 2% Низкий | больше 7 лет назад |
 | SUSE-SU-2018:1847-1 Security update for tomcat6 | почти 7 лет назад | ||
| openSUSE-SU-2018:0852-1 Security update for tomcat | около 7 лет назад | ||
| SUSE-SU-2018:0817-1 Security update for tomcat | около 7 лет назад | ||
| ELSA-2019-2205 ELSA-2019-2205: tomcat security, bug fix, and enhancement update (MODERATE) | почти 6 лет назад | ||
| SUSE-SU-2018:3261-1 Security update for tomcat | больше 6 лет назад | ||
| SUSE-SU-2018:3388-1 Security update for tomcat | больше 6 лет назад |
Уязвимостей на страницу