- Home
- CVEs with nessus.description==According to its self-reported version number, the Apache Tomcat
instance listening on the remote host is prior to 8.0.0-RC10. It is,
therefore, affected by multiple vulnerabilities:
- The fix for CVE-2012-3544 was not complete and limits
are not properly applied to chunk extensions and
whitespaces in certain trailing headers. This error
could allow denial of service attacks. (CVE-2013-4322)
- The application allows XML External Entity (XXE)
processing that could disclose sensitive information.
(CVE-2013-4590)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top