|Max CVSS||6.8||Min CVSS||2.6||Total Count||3|
|ID||CVSS||Summary||Last (major) update||Published|
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions,
|28-11-2016 - 14:09||01-06-2013 - 10:21|
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
|11-12-2014 - 21:59||01-06-2013 - 10:21|
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive req
|05-03-2014 - 23:45||01-06-2013 - 10:21|