Download
| Alert*
oval:org.secpod.oval:def:508018
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: gstreamer: AV1 codec parser heap-based buffer overflow gstreamer: MXF demuxer use-after-free vulner ... oval:org.secpod.oval:def:1601879 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause ... oval:org.secpod.oval:def:95096 The host is installed with Apache Tomcat 11.0.0-M1 through 11.0.0-M10, 10.1.0-M1 through 10.1.15, 9.0.0-M1 through 9.0.82, or 8.5.0 through 8.5.95 and is prone to a request smuggling vulnerability. A flaw is present in the application, which fails to properly parse a specially crafted trailer header ... oval:org.secpod.oval:def:1507294 [1:9.0.62-27.3] - tomcat: HTTP request smuggling via malformed trailer headers oval:org.secpod.oval:def:97889 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: tomcat: HTTP request smuggling via malformed trailer headers For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ref ... oval:org.secpod.oval:def:2501315 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. oval:org.secpod.oval:def:2108444 Oracle Solaris 11 - ( CVE-2023-46589 ) oval:org.secpod.oval:def:3302230 Security update for tomcat10 oval:org.secpod.oval:def:19500551 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause ... oval:org.secpod.oval:def:4501530 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * tomcat: HTTP request smuggling via malformed trailer headers For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, r ... oval:org.secpod.oval:def:509087 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: tomcat: HTTP request smuggling via malformed trailer headers For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ref ... oval:org.secpod.oval:def:3302403 Security update for tomcat oval:org.secpod.oval:def:2600512 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. oval:org.secpod.oval:def:1702206 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause ... oval:org.secpod.oval:def:1507379 [1:9.0.62-37.el9_3.2] - Resolves: #2252050 HTTP request smuggling via malformed trailer headers oval:org.secpod.oval:def:89051398 This update for tomcat fixes the following issues: Security fixes: * CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing. Other fixes: * Streamline how patches are handled in the spec file of the package oval:org.secpod.oval:def:89051400 This update for tomcat fixes the following issues: Security fixes: * CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing. Other fixes: * Streamline how patches are handled in the spec file of the package oval:org.secpod.oval:def:89051458 This update for tomcat fixes the following issues: Updated to Tomcat 9.0.85: * CVE-2023-45648: Improve trailer header parsing . * CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows . * CVE-2023-42795: Improve handling of failures during recycle methods . * CVE-2023-46589: Fixed HTT ... oval:org.secpod.oval:def:613063 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-46589 Tomcat 9 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the poss ... oval:org.secpod.oval:def:613059 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-46589 Tomcat 10 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the pos ... oval:org.secpod.oval:def:99997 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-46589 Tomcat 10 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the pos ... |