FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
26a08c77-32da-4dd7-a884-a76fc49aa824	tomcat -- Tomcat Manager cross-site scripting Oliver Karow discovered cross-site scripting issues in the Apache Jakarta Tomcat manager. The developers refer to the issues as minor. Discovery 2005-01-03 Entry 2005-06-01 Modified 2006-09-12 jakarta-tomcat ge 5.0.* lt 5.0.30_5 ge 5.5.* lt 5.5.7 http://www.oliverkarow.de/research/jakarta556_xss.txt http://www.mail-archive.com/tomcat-dev@jakarta.apache.org/msg66978.html
872623af-39ec-11dc-b8cc-000fea449b8a	tomcat -- multiple vulnerabilities Apache Project reports: The Apache Tomcat team is proud to announce the immediate availability of Tomcat 4.1.36 stable. This build contains numerous library updates, A small number of bug fixes and two important security fixes. Discovery 2007-04-27 Entry 2007-07-24 apache-tomcat ge 4.1.0 lt 4.1.36 gt 6.0.0 lt 6.0.11 tomcat gt 5.0.0 lt 5.5.23 jakarta-tomcat ge 4.0.0 lt 4.1.0 gt 5.0.0 lt 5.5.23 CVE-2005-2090 CVE-2007-0450 CVE-2007-1358
ab2575d6-39f0-11dc-b8cc-000fea449b8a	tomcat -- XSS vulnerability in sample applications The Apache Project reports: The JSP and Servlet included in the sample application within the Tomcat documentation webapp did not escape user provided data before including it in the output. This enabled a XSS attack. These pages have been simplified not to use any user provided data in the output. Discovery 2007-05-19 Entry 2007-07-24 apache-tomcat gt 6.0.0 lt 6.0.11 tomcat gt 5.0.0 lt 5.5.24 jakarta-tomcat gt 5.0.0 lt 5.5.24 CVE-2007-1355 24058

VuXML ID

Description

26a08c77-32da-4dd7-a884-a76fc49aa824

tomcat -- Tomcat Manager cross-site scripting

Oliver Karow discovered cross-site scripting issues in the Apache Jakarta Tomcat manager. The developers refer to the issues as minor.

Discovery 2005-01-03
Entry 2005-06-01
Modified 2006-09-12
jakarta-tomcat

ge 5.0.* lt 5.0.30_5

ge 5.5.* lt 5.5.7

http://www.oliverkarow.de/research/jakarta556_xss.txt
http://www.mail-archive.com/tomcat-dev@jakarta.apache.org/msg66978.html

872623af-39ec-11dc-b8cc-000fea449b8a

tomcat -- multiple vulnerabilities

Apache Project reports:

The Apache Tomcat team is proud to announce the immediate availability of Tomcat 4.1.36 stable. This build contains numerous library updates, A small number of bug fixes and two important security fixes.

Discovery 2007-04-27
Entry 2007-07-24
apache-tomcat

ge 4.1.0 lt 4.1.36

gt 6.0.0 lt 6.0.11

tomcat

gt 5.0.0 lt 5.5.23

jakarta-tomcat

ge 4.0.0 lt 4.1.0

gt 5.0.0 lt 5.5.23

CVE-2005-2090
CVE-2007-0450
CVE-2007-1358

ab2575d6-39f0-11dc-b8cc-000fea449b8a

tomcat -- XSS vulnerability in sample applications

The Apache Project reports:

The JSP and Servlet included in the sample application within the Tomcat documentation webapp did not escape user provided data before including it in the output. This enabled a XSS attack. These pages have been simplified not to use any user provided data in the output.

Discovery 2007-05-19
Entry 2007-07-24
apache-tomcat

gt 6.0.0 lt 6.0.11

tomcat

gt 5.0.0 lt 5.5.24

jakarta-tomcat

gt 5.0.0 lt 5.5.24

CVE-2007-1355
24058