BIT-tomcat-2024-21733

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/tomcat/BIT-tomcat-2024-21733.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-tomcat-2024-21733

Aliases

Published

2024-03-06T11:07:26.980Z

Modified

2024-03-06T11:25:28.861Z

Summary

[none]

Details

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

Database specific

{
    "cpes": [
        "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*",
        "cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

Affected packages

Bitnami / tomcat

Package

Name: tomcat
Purl: pkg:bitnami/tomcat

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

8.5.7

Fixed

8.5.64

Introduced

9.0.1

Fixed

9.0.44

Type: SEMVER
Events: Introduced

9.0.0-milestone11

Last affected

9.0.0-milestone11

Introduced

9.0.0-milestone12

Last affected

9.0.0-milestone12

Introduced

9.0.0-milestone13

Last affected

9.0.0-milestone13

Introduced

9.0.0-milestone14

Last affected

9.0.0-milestone14

Introduced

9.0.0-milestone15

Last affected

9.0.0-milestone15

Introduced

9.0.0-milestone16

Last affected

9.0.0-milestone16

Introduced

9.0.0-milestone17

Last affected

9.0.0-milestone17

Introduced

9.0.0-milestone18

Last affected

9.0.0-milestone18

Introduced

9.0.0-milestone19

Last affected

9.0.0-milestone19

Introduced

9.0.0-milestone20

Last affected

9.0.0-milestone20

Introduced

9.0.0-milestone21

Last affected

9.0.0-milestone21

Introduced

9.0.0-milestone22

Last affected

9.0.0-milestone22

Introduced

9.0.0-milestone23

Last affected

9.0.0-milestone23

Introduced

9.0.0-milestone24

Last affected

9.0.0-milestone24

Introduced

9.0.0-milestone25

Last affected

9.0.0-milestone25

Introduced

9.0.0-milestone26

Last affected

9.0.0-milestone26

Introduced

9.0.0-milestone27

Last affected

9.0.0-milestone27