Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

51 – 60 of 109 results

CVE-2014-0230

Low priority

Some fixes available 4 of 9

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Fixed
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2014-0227

Low priority

Some fixes available 4 of 9

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred,...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Fixed
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2014-0119

Low priority

Some fixes available 2 of 7

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not in release Not affected
tomcat7 Not in release Not affected Not affected
tomcat8 Not in release Not affected Not affected
Show less packages

CVE-2014-0099

Medium priority

Some fixes available 4 of 7

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2014-0096

Medium priority

Some fixes available 4 of 7

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2014-0075

Medium priority

Some fixes available 4 of 7

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2013-4590

Low priority
Ignored

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx,...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not in release Not affected
tomcat7 Not in release Not affected Not affected
Show less packages

CVE-2014-0033

Low priority

Some fixes available 1 of 3

org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6
tomcat7
Show less packages

CVE-2013-4322

Medium priority

Some fixes available 4 of 7

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not affected
tomcat7 Not affected
Show less packages

CVE-2013-4286

Medium priority

Some fixes available 4 of 7

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not affected
tomcat7 Not affected
Show less packages
  1. Previous page
  2. 4
  3. 5
  4. 6
  5. 7
  6. 8
  7. Next page
Export to JSON