Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5SOL16828
HistoryJul 02, 2015 - 12:00 a.m.

SOL16828 - Apache Tomcat vulnerability CVE-2005-2090

2015-07-0200:00:00
support.f5.com
41

0.972 High

EPSS

Percentile

99.8%

JSON

Recommended Action

If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.

F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.

Supplemental Information

  • SOL9970: Subscribing to email notifications regarding F5 products
  • SOL9957: Creating a custom RSS feed to view new and updated documents
  • SOL4602: Overview of the F5 security vulnerability response policy
  • SOL4918: Overview of the F5 critical issue hotfix policy
  • SOL167: Downloading software and firmware from F5
  • SOL13123: Managing BIG-IP product hotfixes (11.x)

Related

cert 1
nessus 24
cve 2
veracode 2
github 2
f5 1
tomcat 6
osv 2
cvelist 2
nvd 2
seebug 3
securityvulns 2
ubuntucve 1
debiancve 1
prion 1
openvas 12
freebsd 1
redhat 7
vmware 2
centos 1
fedora 2
oraclelinux 1
ibm 2
cert
cert
Single crafted HTTP request may result in multiple responses
2005-02-04 00:00:00
nessus
nessus
Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP Request Smuggling
2011-11-18 00:00:00
Apache Tomcat 7.0.0 < 7.0.47 multiple vulnerabilities
2019-01-11 00:00:00
Apache Tomcat 8.0.0 < 8.0.0-RC3 multiple vulnerabilities
2024-05-23 00:00:00
cve
cve
CVE-2005-2090
2005-07-05 04:00:00
CVE-2013-4286
2014-02-26 14:55:08
veracode
veracode
HTTP Request Smuggling
2018-11-13 06:55:19
Request-smuggling Attacks
2019-01-15 08:59:20
github
github
Tomcat Vulnerable to Web Cache Poisoning
2022-05-01 02:04:54
Apache Tomcat is vulnerable to HTTP request-smuggling
2022-05-14 01:10:36
f5
f5
K16828 : Apache Tomcat vulnerability CVE-2005-2090
2015-07-02 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.23, 5.0.SVN
2007-03-09 00:00:00
Fixed in Apache Tomcat 6.0.11
2005-06-30 00:00:00
Fixed in Apache Tomcat 8.0.0-RC3
2013-09-23 00:00:00
osv
osv
Tomcat Vulnerable to Web Cache Poisoning
2022-05-01 02:04:54
Apache Tomcat is vulnerable to HTTP request-smuggling
2022-05-14 01:10:36
cvelist
cvelist
CVE-2005-2090
2005-06-30 04:00:00
CVE-2013-4286
2014-02-26 11:00:00
nvd
nvd
CVE-2005-2090
2005-07-05 04:00:00
CVE-2013-4286
2014-02-26 14:55:08
seebug
seebug
Apache Tomcat 安全限制绕过漏洞
2014-02-26 00:00:00
Apache Tomcat不完整修复信息泄漏漏洞
2014-02-27 00:00:00
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 &#40;Information disclosure&#41;
2014-02-28 00:00:00
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities &#40;Updated - v1.1&#41;
2009-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2013-4286
2014-02-26 00:00:00
debiancve
debiancve
CVE-2013-4286
2014-02-26 14:55:00
prion
prion
Design/Logic Flaw
2014-02-26 14:55:00
openvas
openvas
FreeBSD Ports: apache-tomcat
2008-09-04 00:00:00
FreeBSD Ports: apache-tomcat
2008-09-04 00:00:00
Fedora Update for Pound FEDORA-2014-13777
2014-11-12 00:00:00
freebsd
freebsd
tomcat -- multiple vulnerabilities
2007-04-27 00:00:00
redhat
redhat
(RHSA-2007:0360) Important: jbossas security update
2007-05-24 00:00:00
(RHSA-2007:0328) Important: tomcat security update
2007-05-24 00:00:00
(RHSA-2007:0327) Important: tomcat security update
2007-05-14 00:00:00
vmware
vmware
Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
2008-01-07 00:00:00
Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
2008-01-07 00:00:00
centos
centos
jakarta, tomcat5 security update
2007-05-14 22:49:09
fedora
fedora
[SECURITY] Fedora 19 Update: Pound-2.6-8.fc19
2014-11-07 02:38:03
[SECURITY] Fedora 20 Update: Pound-2.6-8.fc20
2014-11-12 02:45:18
oraclelinux
oraclelinux
Important: tomcat security update
2007-06-26 00:00:00
ibm
ibm
Security Bulletin: Security vulnerabilities in Apache Tomcat for WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4(CVE-2013-4286,CVE-2012-3544,CVE-2013-4322,CVE-2013-4590,CVE-2014-0033)
2018-06-15 07:01:06
Security Bulletin: Rational Lifecycle Adapter for HP ALM Apache Tomcat fix (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)
2018-06-17 04:55:05

0.972 High

EPSS

Percentile

99.8%

JSON
Related for SOL16828
cert1nessus24cve2veracode2github2f51tomcat6osv2cvelist2nvd2seebug3securityvulns2ubuntucve1debiancve1prion1openvas12freebsd1redhat7vmware2centos1fedora2oraclelinux1ibm2