Download
| Alert*
oval:org.secpod.oval:def:1601521
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using ... oval:org.secpod.oval:def:3301112 SUSE Security Update: Security update for tomcat oval:org.secpod.oval:def:64055 Oracle Solaris 11 - ( CVE-2020-9484 ) oval:org.secpod.oval:def:89046099 This update for tomcat fixes the following issues: Security issues fixed: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation. - Remove log4j dependency, which is currently directly in use - Make the package RPM conflict even more specific to co ... oval:org.secpod.oval:def:89046130 This update for tomcat fixes the following issues: Security issues fixed: - CVE-2022-23181: Make calculation of session storage location more robust - Remove log4j oval:org.secpod.oval:def:89046010 This update for tomcat fixes the following issues: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation oval:org.secpod.oval:def:1701684 The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using ... oval:org.secpod.oval:def:89046073 This update for tomcat fixes the following issues: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation oval:org.secpod.oval:def:77537 The host is installed with Apache Tomcat 10.0.0-M5 through 10.0.14, 9.0.35 through 9.0.56 or 8.5.55 through 8.5.73 and is prone to an race condition vulnerability. A flaw is present in application, which fails to handle tomcat persist sessions while using the FileStore. Successful exploitation allow ... oval:org.secpod.oval:def:1701773 The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using ... oval:org.secpod.oval:def:86418 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2021-43980 The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing concurrency bug that could cause client conn ... oval:org.secpod.oval:def:610230 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2021-43980 The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing concurrency bug that could cause client conn ... oval:org.secpod.oval:def:19500075 The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using ... |