Search CVE reports
141 – 142 of 142 results
Some fixes available 2 of 4
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to...
2 affected packages
tomcat5.5, tomcat6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tomcat5.5 | — | — | — | — |
| tomcat6 | — | — | — | — |
Some fixes available 2 of 4
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the...
2 affected packages
tomcat5.5, tomcat6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tomcat5.5 | — | — | — | — |
| tomcat6 | — | — | — | — |