Synopsis
Important: Red Hat JBoss Web Server 31 Service Pack 10 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Web Server 31, for RHEL 6, RHEL 7 and WindowsRed Hat Product Security has rated this release as having a security impact of Importa ...
Synopsis
Low: tomcat security update
Type/Severity
Security Advisory: Low
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detai ...
Synopsis
Important: Red Hat JBoss Web Server 31 Service Pack 10 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Web Server 31 for RHEL 6 and RHEL 7Red Hat Product Security has rated this release as having a security impact of Important A Comm ...
Synopsis
Important: Red Hat JBoss Web Server 53 release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Web Server 530 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is availableRed Hat Product Security has rated this release as having a security impact ofImportant A Common ...
Synopsis
Important: Red Hat JBoss Web Server 53 release
Type/Severity
Security Advisory: Important
Topic
Updated Red Hat JBoss Web Server 530 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8Red Hat Product Security has rated this relea ...
Synopsis
Important: Red Hat support for Spring Boot 2113 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift Application RuntimesRed Hat Product Security has rated this update as having a security impact of Important A Common Vuln ...
Several vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in HTTP request smuggling and code execution
in the AJP connector (disabled by default in Debian)
For the oldstable distribution (stretch), these problems have been fixed
in version 8554-0+deb9u1
We recommend that you upgrade your tomcat8 packages
...
Several vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in HTTP request smuggling, code execution
in the AJP connector (disabled by default in Debian) or a man-in-the-middle
attack against the JMX interface
For the stable distribution (buster), these problems have been fixed in
version 9031-1~deb10u1 The ...
A flaw was found in Apache Tomcat The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular m ...
The refactoring present in Apache Tomcat 9028 to 9030, 8548 to 8550 and 7098 to 7099 introduced a regression The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the inva ...
A flaw was found in Apache Tomcat The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular m ...
In Apache Tomcat 900M1 to 9030, 850 to 8550 and 700 to 7099 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Enc ...
In Apache Tomcat 900M1 to 9030, 850 to 8550 and 700 to 7099 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Enc ...
Cosminexus Component Container contain the following vulnerabilities:
CVE-2020-1935, CVE-2020-1938
Cosminexus Component Container - Redirector contain the following vulnerability:
CVE-2020-1938
Affected products and versions are listed below Please upgrade your version to the appropriate version
This vulnerability exists in Cosminexus C ...