| Max CVSS | 7.5 | Min CVSS | 5.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-17569 | 5.8 |
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of H
|
02-09-2022 - 15:30 | 24-02-2020 - 22:15 | |
| CVE-2020-1938 | 7.5 |
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available t
|
12-07-2022 - 17:42 | 24-02-2020 - 22:15 | |
| CVE-2020-1935 | 5.8 |
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smug
|
04-05-2021 - 19:19 | 24-02-2020 - 22:15 |