CVE-2022-42252

Related Files

Ubuntu Security Notice USN-6880-1

Posted Jul 9, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6880-1 - Sam Shahsavar discovered that Apache Tomcat did not properly reject HTTP requests with an invalid Content-Length header. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks.

tags | advisory, remote, web

systems | linux, ubuntu

advisories | CVE-2022-42252

SHA-256 | a1b7658d93cbe9452fafc9962055ac3264eb70250edec2116b29a0ee545cc5ae

Download | Favorite | View

Gentoo Linux Security Advisory 202305-37

Posted May 30, 2023

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-37 - Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could result in denial of service. Versions greater than or equal to 10.1.8 are affected.

tags | advisory, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28709

SHA-256 | 45f3055dd1212611c490b5967696d349bbbf06ab3a8ea9c9ee46bb2a72175964

Download | Favorite | View

Red Hat Security Advisory 2023-1663-01

Posted Apr 12, 2023

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1663-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.2 serves as a replacement for Red Hat JBoss Web Server 5.7.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.

tags | advisory, java, web

systems | linux, redhat

advisories | CVE-2022-42252, CVE-2022-45143

SHA-256 | c0b211c61f5b1935e346647b65b123e0fa7907ee7a3ed75a15991b0a9fd45bb6

Download | Favorite | View

Red Hat Security Advisory 2023-1664-01

Posted Apr 12, 2023

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1664-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.2 serves as a replacement for Red Hat JBoss Web Server 5.7.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.

tags | advisory, java, web

systems | linux, redhat

advisories | CVE-2022-42252, CVE-2022-45143

SHA-256 | c0eb66100eff33a05cc9e2d9a75d565b68109c88876cfb85737526650fe5d7c1

Download | Favorite | View

Debian Security Advisory 5381-1

Posted Apr 6, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5381-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2022-42252, CVE-2022-45143, CVE-2023-28708

SHA-256 | c075620320d7d452a30243d6d87c977e801a36d550d06001a3391e0382de4541

Download | Favorite | View