what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2022-45143

Status Candidate

Overview

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.

Related Files

Red Hat Security Advisory 2023-4612-01
Posted Aug 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4612-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.7.13 serves as a replacement for Red Hat support for Spring Boot 2.7.12, and includes security, bug fixes and enhancements. For more information, see the release notes linked in the References section. Issues addressed include bypass, code execution, denial of service, and deserialization vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-46877, CVE-2022-1471, CVE-2022-31684, CVE-2022-45143, CVE-2023-1108, CVE-2023-20860, CVE-2023-20861
SHA-256 | 9fce17aaf4b1e17b6dd5371a535e817dbb5fd71c7e4c095fca880dd19e594fbd
Download | Favorite | View
Gentoo Linux Security Advisory 202305-37
Posted May 30, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-37 - Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could result in denial of service. Versions greater than or equal to 10.1.8 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28709
SHA-256 | 45f3055dd1212611c490b5967696d349bbbf06ab3a8ea9c9ee46bb2a72175964
Download | Favorite | View
Red Hat Security Advisory 2023-1663-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1663-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.2 serves as a replacement for Red Hat JBoss Web Server 5.7.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2022-42252, CVE-2022-45143
SHA-256 | c0b211c61f5b1935e346647b65b123e0fa7907ee7a3ed75a15991b0a9fd45bb6
Download | Favorite | View
Red Hat Security Advisory 2023-1664-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1664-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.2 serves as a replacement for Red Hat JBoss Web Server 5.7.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2022-42252, CVE-2022-45143
SHA-256 | c0eb66100eff33a05cc9e2d9a75d565b68109c88876cfb85737526650fe5d7c1
Download | Favorite | View
Debian Security Advisory 5381-1
Posted Apr 6, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5381-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2022-42252, CVE-2022-45143, CVE-2023-28708
SHA-256 | c075620320d7d452a30243d6d87c977e801a36d550d06001a3391e0382de4541
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close