exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2021-25329

Status Candidate

Overview

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Related Files

Gentoo Linux Security Advisory 202208-34
Posted Aug 22, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-34 - Multiple vulnerabilities have been discovered in Apache Tomcat, the worst of which could result in denial of service. Versions less than 8.5.82:8.5 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-25122, CVE-2021-25329, CVE-2021-30639, CVE-2021-30640, CVE-2021-33037, CVE-2021-42340, CVE-2022-34305
SHA-256 | 077be2b54802b552aa2444c9d86f7b9f2b66179442ffb4c75ef491cd837caab4
Red Hat Security Advisory 2021-3425-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3425-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.3.10 serves as a replacement for Red Hat support for Spring Boot 2.3.6, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-27782, CVE-2021-24122, CVE-2021-25122, CVE-2021-25329, CVE-2021-3690
SHA-256 | 02316b7c2348dea628bd4fbd8f3a6138b2c22f74d360890d138f3a9524b08dde
Red Hat Security Advisory 2021-2561-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
SHA-256 | f3cd1db006604fa6b5ec96f64cd45152cf6b247c0b550fab1007a90fe65d5bff
Red Hat Security Advisory 2021-2562-01
Posted Jun 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2021-25122, CVE-2021-25329
SHA-256 | 7483c97d1f9fb372e81b8472c214b78b36b64578a63172ce3a020369a769c580
Debian Security Advisory 4891-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4891-1 - Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2021-25122, CVE-2021-25329
SHA-256 | 1cc0c8e922520ac710a5eb680952a81085830ab697d578ee126aa8cdb6ed32ad
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close