Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-34305HistoryJun 23, 2022 - 11:15 a.m.
CVE-2022-34305
2022-06-2311:15:00
Debian Security Bug Tracker
security-tracker.debian.org
44
0.001 Low
EPSS
Percentile
43.8%
In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tomcat9 | <Â 9.0.65-1 | tomcat9_9.0.65-1_all.deb |
| Debian | 11 | all | tomcat9 | <=Â 9.0.43-2~deb11u9 | tomcat9_9.0.43-2~deb11u9_all.deb |
| Debian | 10 | all | tomcat9 | <=Â 9.0.31-1~deb10u6 | tomcat9_9.0.31-1~deb10u6_all.deb |
| Debian | 999 | all | tomcat9 | <Â 9.0.65-1 | tomcat9_9.0.65-1_all.deb |
| Debian | 13 | all | tomcat9 | <Â 9.0.65-1 | tomcat9_9.0.65-1_all.deb |
Related
nessus
nessus
FreeBSD : Tomcat -- XSS in examples web application (e2e7faf9-1b51-11ed-ae46-002b67dfc673)
2022-08-16 00:00:00
Dell EMC NetWorker < 19.7.0.2 XSS (DSA-2022-341)
2022-12-08 00:00:00
Apache Tomcat 10.0.0.M1 < 10.0.23
2022-06-23 00:00:00
kaspersky
kaspersky
KLA19262 XSS vulnerability in Apache Tomcat
2022-07-26 00:00:00
KLA19260 XSS vulnerability in Apache Tomcat
2022-08-28 00:00:00
KLA19261 XSS vulnerability in Apache Tomcat
2022-07-20 00:00:00
cvelist
cvelist
CVE-2022-34305 XSS in examples web application
2022-06-23 10:30:16
tomcat
tomcat
Fixed in Apache Tomcat 8.5.82
2022-08-13 00:00:00
Fixed in Apache Tomcat 10.0.23
2022-07-26 00:00:00
Fixed in Apache Tomcat 10.1.0-M17
2022-07-20 00:00:00
ibm
ibm
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to cross-site scripting due to Apache Tomcat (CVE-2022-34305)
2023-01-10 10:31:23
Security Bulletin: The CVE-2022-34305 vulnerability in Apache Tomcat affects App Connect Professional.
2022-07-15 05:52:05
Security Bulletin: IBM UrbanCode Release is affected by CVE-2022-34305
2023-01-20 16:08:01
github
github
Cross-site Scripting in Apache Tomcat
2022-06-24 00:00:32
atlassian
atlassian
Confluence Apache Tomcat CVE-2022-34305
2022-07-07 19:05:27
Apache Tomcat CVE-2022-34305
2022-06-28 14:48:07
openvas
openvas
Apache Tomcat XSS Vulnerability (Jun 2022) - Linux
2022-06-24 00:00:00
Apache Tomcat XSS Vulnerability (Jun 2022) - Windows
2022-06-24 00:00:00
Mageia: Security Advisory (MGASA-2023-0138)
2023-04-17 00:00:00
redhatcve
redhatcve
CVE-2022-34305
2022-06-30 18:05:42
osv
osv
Cross-site Scripting in Apache Tomcat
2022-06-24 00:00:32
BIT-tomcat-2022-34305
2024-03-06 11:09:17
CVE-2022-34305
2022-06-23 11:15:07
cve
cve
CVE-2022-34305
2022-06-23 11:15:00
freebsd
freebsd
Tomcat -- XSS in examples web application
2022-06-22 00:00:00
cnvd
cnvd
Apache Tomcat Cross-Site Scripting Vulnerability
2022-06-27 00:00:00
prion
prion
Cross site scripting
2022-06-23 11:15:00
veracode
veracode
Cross-site Scripting (XSS)
2022-06-24 04:07:07
ubuntucve
ubuntucve
CVE-2022-34305
2022-06-23 00:00:00
f5
f5
K00303143 : Apache Tomcat vulnerability CVE-2022-34305
2022-07-11 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple Vulnerabilities
2022-08-21 00:00:00
mageia
mageia
Updated tomcat packages fix security vulnerability
2023-04-15 22:03:44
rosalinux
rosalinux
Advisory ROSA-SA-2023-2258
2023-10-21 16:49:43
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00