| Max CVSS | 6.4 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-1157 | 2.6 |
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the re
|
13-02-2023 - 04:17 | 23-04-2010 - 14:30 | |
| CVE-2009-2901 | 4.3 |
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requ
|
13-02-2023 - 02:20 | 28-01-2010 - 20:30 | |
| CVE-2009-2902 | 4.3 |
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
|
13-02-2023 - 01:17 | 28-01-2010 - 20:30 | |
| CVE-2010-2227 | 6.4 |
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via
|
25-03-2019 - 11:32 | 13-07-2010 - 17:30 | |
| CVE-2009-2693 | 5.8 |
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat
|
25-03-2019 - 11:30 | 28-01-2010 - 20:30 |