Search CVE reports
41 – 50 of 379 results
Some fixes available 1 of 2
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat9 | Not affected | Not affected | Not affected | Not affected | Not affected |
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.
3 affected packages
lua-nginx-memcached, lua-nginx-redis, lua-nginx-websocket
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lua-nginx-memcached | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lua-nginx-redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lua-nginx-websocket | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 9 of 10
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat9 | Fixed | Fixed | Fixed | Fixed | Fixed |
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Ignored | Not in release | Not in release | — |
| tomcat11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| tomcat9 | Not affected | Not affected | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 1 of 10
Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| tomcat9 | Not affected | Not affected | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 1 of 10
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat9 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | — | Not affected | Not in release | Not in release | — |
| tomcat6 | — | Not in release | Not in release | Not in release | — |
| tomcat7 | — | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | — | Not in release | Not in release | Not in release | Not affected |
| tomcat9 | — | Not affected | Not affected | Not affected | Not affected |
Some fixes available 1 of 5
Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat9 | Vulnerable | Not affected | Not affected | Not affected | Not affected |
Some fixes available 1 of 8
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process...
6 affected packages
tomcat10, tomcat11, tomcat6, tomcat7, tomcat8, tomcat9
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| tomcat10 | Not affected | Fixed | Not in release | Not in release | — |
| tomcat11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| tomcat6 | Not in release | Not in release | Not in release | Not in release | — |
| tomcat7 | Not in release | Not in release | Not in release | Not in release | Not affected |
| tomcat8 | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| tomcat9 | Not affected | Not affected | Vulnerable | Vulnerable | Vulnerable |
NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access.
1 affected package
ipmctl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ipmctl | Not in release | Needs evaluation | Needs evaluation | Ignored | — |