rpm package
suse/tomcat&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
Vulnerabilities (16)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-52316 | Cri | 9.8 | < 9.0.97-150200.71.1 | 9.0.97-150200.71.1 | Nov 18, 2024 | Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indic | |
| CVE-2024-22029 | Hig | 7.8 | < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 | Oct 16, 2024 | Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root | |
| CVE-2024-34750 | Hig | 7.5 | < 9.0.91-150200.68.1 | 9.0.91-150200.68.1 | Jul 3, 2024 | Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn | |
| CVE-2024-24549 | Hig | 7.5 | < 9.0.87-150200.65.1 | 9.0.87-150200.65.1 | Mar 13, 2024 | Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers ha | |
| CVE-2024-23672 | Med | 6.3 | < 9.0.87-150200.65.1 | 9.0.87-150200.65.1 | Mar 13, 2024 | Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through | |
| CVE-2023-46589 | Hig | 7.5 | < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 | Nov 28, 2023 | Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header si | |
| CVE-2023-45648 | Med | 5.3 | < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 | Oct 10, 2023 | Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header | |
| CVE-2023-42795 | Med | 5.3 | < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 | Oct 10, 2023 | Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some part | |
| CVE-2023-42794 | Med | 5.9 | < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 | Oct 10, 2023 | Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web | |
| CVE-2023-44487 | Hig | 7.5 | KEV | < 9.0.82-150200.46.1 | 9.0.82-150200.46.1 | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2023-41080 | Med | 6.1 | < 9.0.82-150200.46.1 | 9.0.82-150200.46.1 | Aug 25, 2023 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, E | |
| CVE-2023-28709 | Hig | 7.5 | < 9.0.75-150200.41.1 | 9.0.75-150200.41.1 | May 22, 2023 | The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a | |
| CVE-2023-28708 | Med | 4.3 | < 9.0.43-150200.35.1 | 9.0.43-150200.35.1 | Mar 22, 2023 | When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not i | |
| CVE-2023-24998 | Hig | 7.5 | < 9.0.43-150200.35.1 | 9.0.43-150200.35.1 | Feb 20, 2023 | Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configur | |
| CVE-2022-45143 | Hig | 7.5 | < 9.0.43-150200.38.1 | 9.0.43-150200.38.1 | Jan 3, 2023 | The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that inv | |
| CVE-2022-23181 | Hig | 7.0 | < 9.0.36-19.1 | 9.0.36-19.1 | Jan 27, 2022 | The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tom |
- affected < 9.0.97-150200.71.1fixed 9.0.97-150200.71.1
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indic
- affected < 9.0.85-150200.57.1fixed 9.0.85-150200.57.1
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
- affected < 9.0.91-150200.68.1fixed 9.0.91-150200.68.1
Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn
- affected < 9.0.87-150200.65.1fixed 9.0.87-150200.65.1
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers ha
- affected < 9.0.87-150200.65.1fixed 9.0.87-150200.65.1
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through
- affected < 9.0.85-150200.57.1fixed 9.0.85-150200.57.1
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header si
- affected < 9.0.85-150200.57.1fixed 9.0.85-150200.57.1
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header
- affected < 9.0.85-150200.57.1fixed 9.0.85-150200.57.1
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some part
- affected < 9.0.85-150200.57.1fixed 9.0.85-150200.57.1
Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web
- affected < 9.0.82-150200.46.1fixed 9.0.82-150200.46.1
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- affected < 9.0.82-150200.46.1fixed 9.0.82-150200.46.1
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, E
- affected < 9.0.75-150200.41.1fixed 9.0.75-150200.41.1
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a
- affected < 9.0.43-150200.35.1fixed 9.0.43-150200.35.1
When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not i
- affected < 9.0.43-150200.35.1fixed 9.0.43-150200.35.1
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configur
- affected < 9.0.43-150200.38.1fixed 9.0.43-150200.38.1
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that inv
- affected < 9.0.36-19.1fixed 9.0.36-19.1
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tom