[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252097

 
 

909

 
 

196747

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 81359 Download | Alert*

tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat.

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * tomcat: A bug in the UTF-8 decoder can lead to DoS For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section.

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to "/foo/" when the user requested "/foo") a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.

The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue.An improper handing of ove ...

The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue.An improper handing of ove ...

When the default servlet in Apache Tomcat versions 7.0.23 to 7.0.90 returned a redirect to a directory a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.

When the default servlet in Apache Tomcat returned a redirect to a directory a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The ...

This update for tomcat6 fixes the following issue: Security issue fixed: - CVE-2018-11784: Fixed problem with specially crafted URLs that could be used to cause a redirect to any URI of an attackers choise .

This update for tomcat to 8.0.53 fixes the following issues: Security issue fixed: - CVE-2018-1336: An improper handing of overflow in the UTF-8 decoder with supplementary characters could have lead to an infinite loop in the decoder causing a Denial of Service . - CVE-2018-8034: The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default . - CVE-2 ...

This update for tomcat fixes the following issues: - CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice


Pages:      Start    3808    3809    3810    3811    3812    3813    3814    3815    3816    3817    3818    3819    3820    3821    ..   8135

© SecPod Technologies