CVE search results

51 – 53 of 53 results

Detailed view

Sort by:

CVE-2017-5650

Medium priority

Not affected

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE...

2 affected packages

tomcat8, tomcat9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tomcat8	—	—	—	—	Not affected
tomcat9	—	—	—	—	Not in release

CVE-2016-3092

Medium priority

Some fixes available 8 of 13

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a...

5 affected packages

libcommons-fileupload-java, tomcat6, tomcat7, tomcat8, tomcat9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libcommons-fileupload-java	Not affected	Not affected	Not affected	Not affected	Fixed
tomcat6	Not in release	Not in release	Not in release	Not in release	Vulnerable
tomcat7	Not in release	Not in release	Not in release	Not affected	Fixed
tomcat8	Not in release	Not in release	Not in release	Not affected	Fixed
tomcat9	Not affected	Not affected	Not affected	Not affected	Not in release

CVE-2015-5345

Low priority

Some fixes available 6 of 9

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to...

4 affected packages

tomcat6, tomcat7, tomcat8, tomcat9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tomcat6	—	—	—	Not in release	Fixed
tomcat7	—	—	—	Not affected	Not affected
tomcat8	—	—	—	Not affected	Not affected
tomcat9	—	—	—	Fixed	Not in release

Export to JSON

Results by page:

Search CVE reports