Debian Bug report logs - #952436
tomcat7: CVE-2020-1938 AJP Request Injection and potential RCE
Package: tomcat7;
Maintainer for tomcat7 is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Source for tomcat7 is src:tomcat7 (PTS, buildd, popcon)
Reported by: Joost van Baal-Ilić <joostvb+debian-bugs@ ...
Debian Bug report logs - #952437
tomcat9: vulnerable for "ghostcat", CVE-2020-1938 / CNVD-2020-10487
Package: tomcat9;
Maintainer for tomcat9 is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Source for tomcat9 is src:tomcat9 (PTS, buildd, popcon)
Reported by: Joost van Baal-Ilić <joostvb+debian- ...
Several vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in HTTP request smuggling and code execution
in the AJP connector (disabled by default in Debian).
For the oldstable distribution (stretch), these problems have been fixed
in version 8.5.54-0+deb9u1.
We recommend that you upgrade your tomcat8 packages.
...
Several vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in HTTP request smuggling, code execution
in the AJP connector (disabled by default in Debian) or a man-in-the-middle
attack against the JMX interface.
For the stable distribution (buster), these problems have been fixed in
version 9.0.31-1~deb10u1. The ...
Synopsis
Important: Red Hat JBoss Web Server 5.3 release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Web Server 5.3.0 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this release as having a security impact of Important. A Common ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6.4 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as h ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6.4 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A C ...
Synopsis
Important: Red Hat JBoss Web Server 5.3 release
Type/Severity
Security Advisory: Important
Topic
Updated Red Hat JBoss Web Server 5.3.0 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this relea ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important ...
Synopsis
Important: Red Hat JBoss Web Server 3.1 Service Pack 8 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scorin ...
Synopsis
Important: tomcat security update
Type/Severity
Security Advisory: Important
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring S ...
Synopsis
Important: tomcat6 security update
Type/Severity
Security Advisory: Important
Topic
An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Important: tomcat security update
Type/Severity
Security Advisory: Important
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, w ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Red Hat JBoss Web Server 3.1 Service Pack 8 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and RHEL 7. Red Hat Product Security has rated this release as having a security impact of Important. A Commo ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Red Hat support for Spring Boot 2.1.13 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vuln ...
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed, leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the inva ...
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88 (CVE-2018-8034).
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Ap ...
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Enc ...
Cosminexus Component Container contains the following vulnerabilities:
CVE-2020-1935, CVE-2020-1938
Cosminexus Component Container - Redirector contains the following vulnerability:
CVE-2020-1938
Affected products and versions are listed below. Please upgrade your version to the appropriate version.
This vulnerability exists in Cosminexus C ...
A vulnerability (CVE-2020-1938) exists in JP1 and Hitachi IT Operations Director.
Affected products and versions are listed below. Please upgrade your version to the appropriate version. ...
Multiple vulnerabilities have been found in JP1/Automatic Job Management System 3 - Web Operation Assistant:
CVE-2018-0739, CVE-2018-1301, CVE-2019-1559, CVE-2019-1563, CVE-2020-1938
Affected products and versions are listed below. Please upgrade your version to the appropriate version. ...