Debian Bug report logs -
#991046
tomcat9: CVE-2021-33037 CVE-2021-30640 CVE-2021-30639
Package:
src:tomcat9;
Maintainer for src:tomcat9 is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>;
Reported by: Moritz Mühlenhoff <jmm@inutilorg>
Date: Tue, 13 Jul 2021 12:12:27 UTC
Severity: grave
Tags: ...
Several security issues were fixed in Tomcat ...
Synopsis
Important: Red Hat support for Spring Boot 2510 update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift Application RuntimesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: Red Hat Fuse 7110 release and security update
Type/Severity
Security Advisory: Important
Topic
A minor version update (from 710 to 711) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security has rated this update ...
Two vulnerabilities were discovered in the Tomcat servlet and JSP engine,
which could result in HTTP request smuggling, bypass of logout
restrictions or authentications using variations of a valid user name
For the stable distribution (buster), these problems have been fixed in
version 9031-1~deb10u5
We recommend that you upgrade your tomcat9 p ...
Two vulnerabilities were discovered in the Tomcat servlet and JSP engine,
which could result in denial of service
For the oldstable distribution (buster), these problems have been fixed
in version 9031-1~deb10u6
For the stable distribution (bullseye), these problems have been fixed in
version 9043-2~deb11u2
We recommend that you upgrade your ...
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm This issue affects Apache Tomcat 1000-M1 to 1005; 900M1 to 9045; 850 to 8565 (CVE-2021-30640)
Apache Tomcat 1000-M1 to 1006, 900M1 to ...
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm This issue affects Apache Tomcat 1000-M1 to 1005; 900M1 to 9045; 850 to 8565 (CVE-2021-30640) ...
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm This issue affects Apache Tomcat 1000-M1 to 1005; 900M1 to 9045; 850 to 8565 ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services
CVE-2020-1695, CVE-2020-1723, CVE-2020-1725, CVE-2020-10770, CVE-2020-14302, CVE-2020-15522, CVE-2020-25711, CVE-2020-27838, CVE-2020-28052, CVE-2020-28491, CVE-2021-3424, CVE-2021-3712, CVE-2021-20195, CVE-2021-20202, CVE-2021-20222, CVE-2021-20262, CVE-2021-21290, C ...