Search CVE reports
51 – 60 of 48501 results
Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | Needs evaluation |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18,...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | Needs evaluation |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | Needs evaluation |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52,...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | Needs evaluation |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 16.04 LTS |
|---|---|
| tomcat6 | Needs evaluation |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | — |
| tomcat10 | — |
| tomcat11 | — |
In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from the initial checks, there are conditions that cause an early return from the...
2 affected packages
jetty, jetty9
| Package | 16.04 LTS |
|---|---|
| jetty | Needs evaluation |
| jetty9 | Needs evaluation |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with custom role permissions to demote or...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parse_susp() function trusts len_id, len_des, and len_src fields from the disk image to memcpy data into a stack...
1 affected package
sleuthkit
| Package | 16.04 LTS |
|---|---|
| sleuthkit | Needs evaluation |