Lucene search
GoogleOSV:USN-5360-1HistoryMar 31, 2022 - 6:51 p.m.
tomcat9 vulnerabilities
2022-03-3118:51:57
Google
osv.dev
4
It was discovered that Tomcat incorrectly performed input verification.
A remote attacker could possibly use this issue to intercept sensitive
information. (CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640)
It was discovered that Tomcat did not properly deserialize untrusted data.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-9484, CVE-2021-33037)
It was discovered that Tomcat did not properly validate the input length. An
attacker could possibly use this to trigger an infinite loop, resulting in a
denial of service. (CVE-2021-25329, CVE-2021-41079)
References
bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1915911
ubuntu.com/security/CVE-2020-13943
ubuntu.com/security/CVE-2020-17527
ubuntu.com/security/CVE-2020-9484
ubuntu.com/security/CVE-2021-25122
ubuntu.com/security/CVE-2021-25329
ubuntu.com/security/CVE-2021-30640
ubuntu.com/security/CVE-2021-33037
ubuntu.com/security/CVE-2021-41079
ubuntu.com/security/notices/USN-5360-1
Related
openvas
openvas
Ubuntu: Security Advisory (USN-5360-1)
2022-04-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3669-1)
2021-11-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3672-1)
2021-11-17 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2022-03-31 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Tomcat vulnerabilities (USN-5360-1)
2022-04-01 00:00:00
SUSE SLES15 Security Update : tomcat (SUSE-SU-2021:3669-1)
2021-11-17 00:00:00
SUSE SLES15 Security Update : tomcat (SUSE-SU-2021:3670-1)
2021-11-17 00:00:00
atlassian
atlassian
Upgrade the bundled version of Apache Tomcat to 8.5.68 or later
2021-07-14 11:35:20
Upgrade the bundled version of Apache Tomcat to 8.5.68 or later
2021-07-14 11:35:20
8.5 and 8.13 LTS releases should bundle Tomcat 8.5.63 or higher
2021-04-12 15:50:10
suse
suse
Security update for tomcat (moderate)
2021-11-19 00:00:00
Security update for tomcat (moderate)
2021-11-16 00:00:00
Security update for tomcat (important)
2021-04-02 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 10.0.2
2021-02-02 00:00:00
Fixed in Apache Tomcat 8.5.63
2021-02-02 00:00:00
Fixed in Apache Tomcat 9.0.43
2021-02-02 00:00:00
mageia
mageia
Updated tomcat packages fix security vulnerability
2021-10-23 13:05:28
Updated tomcat packages fix security vulnerabilities
2021-07-20 13:46:47
Updated tomcat packages fix security vulnerability
2021-01-10 22:46:12
osv
osv
tomcat9 - security update
2021-08-09 00:00:00
tomcat9 - security update
2021-01-22 00:00:00
tomcat8 - security update
2021-08-05 00:00:00
debian
debian
[SECURITY] [DSA 4835-1] tomcat9 security update
2021-01-22 18:48:45
[SECURITY] [DLA 2733-1] tomcat8 security update
2021-08-05 21:40:35
[SECURITY] [DSA 4984-1] tomcat9 security update
2021-10-14 20:33:21
redhat
redhat
(RHSA-2021:2562) Moderate: Red Hat JBoss Web Server 5.5.0 security release
2021-06-29 08:35:57
(RHSA-2021:2561) Moderate: Red Hat JBoss Web Server 5.5.0 Security release
2021-06-29 08:34:12
symantec
symantec
Apache Tomcat Vulnerabilities May 2020 - Mar 2021
2021-03-16 19:59:07
gentoo
gentoo
Apache Tomcat: Multiple Vulnerabilities
2022-08-21 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0208
2021-03-17 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0372
2021-03-18 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0208
2021-03-16 00:00:00
kaspersky
kaspersky
KLA12104 Multiple vulnerabilities in Apache Tomcat
2021-02-02 00:00:00
KLA12325 SB vulnerability in Apache Tomcat
2021-04-26 00:00:00
ibm
ibm
attackerkb
attackerkb
CVE-2020-9484 — PersistentManager Java deserialization vulnerability
2020-05-20 00:00:00
veracode
veracode
Remote Code Execution
2021-03-03 06:05:38
Remote Code Execution (RCE)
2021-03-02 07:51:38
Information Disclosure
2020-10-13 04:49:31
amazon
amazon
Important: tomcat8
2021-03-23 23:07:00
Low: tomcat7
2021-04-07 00:18:00
Medium: tomcat8
2020-12-16 20:52:00
redhatcve
redhatcve
CVE-2021-25329
2021-03-02 12:32:45
CVE-2021-30640
2021-07-12 19:46:17
f5
f5
K73648110 : Apache Tomcat vulnerability CVE-2021-25329
2021-03-16 00:00:00
K35033051 : Tomcat vulnerability CVE-2021-30640
2021-07-28 00:00:00
github
github
Potential remote code execution in Apache Tomcat
2021-03-19 20:11:13
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-02-09 22:58:06
cvelist
cvelist
CVE-2021-25329 Incomplete fix for CVE-2020-9484
2021-03-01 12:00:20
CVE-2020-17527 Apache Tomcat: Request header mix-up between HTTP/2 streams
2020-12-03 18:30:14
CVE-2021-33037 Incorrect Transfer-Encoding handling with HTTP/1.0
2021-07-12 14:55:15
prion
prion
Design/Logic Flaw
2021-03-01 12:15:00
Cross site request forgery (csrf)
2020-10-12 14:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2258
2023-10-21 16:49:43
ubuntucve
ubuntucve
cve
cve
nvd
nvd
CVE-2021-25329
2021-03-01 12:15:14
debiancve
debiancve
CVE-2021-25329
2021-03-01 12:15:14
CVE-2021-30640
2021-07-12 15:15:08
freebsd
freebsd
tomcat -- HTTP request smuggling in multiple versions
2021-05-07 00:00:00
tomcat -- JNDI Realm Authentication Weakness in multiple versions
2021-04-08 00:00:00