It was discovered that Tomcat incorrectly performed input verification.
A remote attacker could possibly use this issue to intercept sensitive
information. (CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640)
It was discovered that Tomcat did not properly deserialize untrusted data.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-9484, CVE-2021-33037)
It was discovered that Tomcat did not properly validate the input length. An
attacker could possibly use this to trigger an infinite loop, resulting in a
denial of service. (CVE-2021-25329, CVE-2021-41079)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 20.04 | noarch | tomcat9 | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | libtomcat9-embed-java | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | libtomcat9-java | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | tomcat9-admin | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | tomcat9-common | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | tomcat9-docs | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | tomcat9-examples | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | tomcat9-user | < 9.0.31-1ubuntu0.2 | UNKNOWN |
Ubuntu | 18.04 | noarch | tomcat9 | < 9.0.16-3ubuntu0.18.04.2 | UNKNOWN |
Ubuntu | 18.04 | noarch | libtomcat9-embed-java | < 9.0.16-3ubuntu0.18.04.2 | UNKNOWN |
bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1915911
ubuntu.com/security/CVE-2020-13943
ubuntu.com/security/CVE-2020-17527
ubuntu.com/security/CVE-2020-9484
ubuntu.com/security/CVE-2021-25122
ubuntu.com/security/CVE-2021-25329
ubuntu.com/security/CVE-2021-30640
ubuntu.com/security/CVE-2021-33037
ubuntu.com/security/CVE-2021-41079