| Max CVSS | 7.2 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-5425 | 7.2 |
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging me
|
12-02-2023 - 23:24 | 13-10-2016 - 14:59 | |
| CVE-2016-5388 | 5.1 |
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, wh
|
12-02-2023 - 23:23 | 19-07-2016 - 02:00 | |
| CVE-2017-6056 | 5.0 |
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backportin
|
03-10-2019 - 00:03 | 17-02-2017 - 07:59 |