| CVE-2023-42794 |
medium |
— |
5.5 |
|
|
|
2y ago |
Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in pro… |
| CVE-2023-42795 |
medium |
— |
5.5 |
|
|
|
2y ago |
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0… |
| CVE-2023-24998 |
medium |
— |
5.5 |
|
|
|
3y ago |
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploa… |
| CVE-2023-28709 |
medium |
— |
5.5 |
|
|
|
3y ago |
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used suc… |
| CVE-2020-17527 |
medium |
— |
5.5 |
|
|
|
4y ago |
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream re… |
| CVE-2014-0095 |
medium |
— |
5.0 |
|
|
|
12y ago |
Denial of service in Apache Tomcat |
| CVE-2014-0075 |
medium |
— |
5.0 |
|
|
|
12y ago |
Integer Overflow or Wraparound in Apache Tomcat |
