Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

71 – 80 of 111 results

CVE-2014-0227

Low priority

Some fixes available 4 of 9

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred,...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Fixed
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2013-4444

Medium priority
Ignored

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading...

1 affected packages

tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat7 Not affected
Show less packages

CVE-2014-0186

Medium priority
Not affected

A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an...

1 affected packages

tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat7
Show less packages

CVE-2014-0119

Low priority

Some fixes available 2 of 7

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not in release Not affected
tomcat7 Not in release Not affected Not affected
tomcat8 Not in release Not affected Not affected
Show less packages

CVE-2014-0099

Medium priority

Some fixes available 4 of 7

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2014-0096

Medium priority

Some fixes available 4 of 7

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2014-0075

Medium priority

Some fixes available 4 of 7

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial...

3 affected packages

tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
tomcat8 Not affected Not affected
Show less packages

CVE-2013-4590

Low priority
Ignored

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx,...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not in release Not in release Not affected
tomcat7 Not in release Not affected Not affected
Show less packages

CVE-2014-0033

Low priority

Some fixes available 1 of 3

org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6
tomcat7
Show less packages

CVE-2013-4322

Medium priority

Some fixes available 4 of 7

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value...

2 affected packages

tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tomcat6 Not affected
tomcat7 Not affected
Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON