Apache Software Foundation Tomcat 10.0.22

CPE Details

Apache Software Foundation Tomcat 10.0.22
10.0.22
2022-06-29
14h38 +00:00
2022-06-30
22h25 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:apache:tomcat:10.0.22:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

tomcat

Version

10.0.22

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-42252 2022-11-01 00h00 +00:00 If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.
7.5
High
CVE-2022-34305 2022-06-23 08h30 +00:00 In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
6.1
Medium