CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2021-40690 – Bypass of the secureValidation property
https://notcve.org/view.php?id=CVE-2021-40690
19 Sep 2021 — All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. Todas las versiones de Apache Santuario - XML Security for Java anteriores a 2.2.3 y 2.1.7 son vulnerables a un problema donde la propiedad "secureValidation" no es pasad... • https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa%40%3Ccommits.tomee.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-13931
https://notcve.org/view.php?id=CVE-2020-13931
17 Dec 2020 — If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creation of the JMX management interface, however the incomplete fix did not cover this edge case. Si Apache TomEE versiones 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 está configurado para utilizar e... • https://lists.apache.org/thread.html/r7f98907165b355dc65f28a57f15103a06173ce03261115fa46d569b4%40%3Cdev.tomee.apache.org%3E •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-11969
https://notcve.org/view.php?id=CVE-2020-11969
15 Jun 2020 — If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 - 7.0.7, Apache TomEE 1.0.0 - 1.7.5. Si Apache TomEE está configurado para usar un broker ActiveMQ incorporado, y el URI del broker incluye el parámetro useJMX=true, se abre un puerto JMX en el puerto TCP 1099, que no ... • http://www.openwall.com/lists/oss-security/2020/12/16/2 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.8EPSS: 9%CPEs: 25EXPL: 0CVE-2019-17569 – tomcat: Regression in handling of Transfer-Encoding header allows for HTTP request smuggling
https://notcve.org/view.php?id=CVE-2019-17569
24 Feb 2020 — The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. La refactorización presente en Apache Tomcat versiones 9.0.28 ha... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 13%CPEs: 34EXPL: 0CVE-2019-17359
https://notcve.org/view.php?id=CVE-2019-17359
08 Oct 2019 — The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64. El analizador ASN.1 en Bouncy Castle Crypto (también se conoce como BC Java) versión 1.63, puede desencadenar un intento de asignación de memoria grande y un error OutOfMemoryError resultante, por medio de datos ASN.1 diseñados. Esto se corrige en la versión 1.64. • https://lists.apache.org/thread.html/r02f887807a49cfd1f1ad53f7a61f3f8e12f60ba2c930bec163031209%40%3Ccommits.tomee.apache.org%3E • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 0CVE-2018-8031
https://notcve.org/view.php?id=CVE-2018-8031
23 Jul 2018 — The Apache TomEE console (tomee-webapp) has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This issue can be mitigated by removing the application after TomEE is setup (if using the application to install TomEE), using one of the provided pre-configured bundles, or by upgrading to TomEE 7.0.5. This issue is... • https://lists.apache.org/thread.html/c4b0d83a534d6cdf2de54dbbd00e3538072ac2e360781b784608ed0d%40%3Cdev.tomee.apache.org%3E • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 9%CPEs: 2EXPL: 0CVE-2016-0779 – Apache TomEE Patched
https://notcve.org/view.php?id=CVE-2016-0779
16 Mar 2016 — The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object. La clase EjbObjectInputStream en Apache TomEE en versiones anteriores a 1.7.4 y 7.x en versiones anteriores a 7.0.0-M3 permite a atacantes remotos ejecutar código arbitrario a través de un objeto serializado manipulado. Apache TomEE versions 7.0.0-M3 and 1.7.4 have been released to address the vulnerability in CVE-2016-0779. • http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html • CWE-502: Deserialization of Untrusted Data •