Lucene search
Ubuntu.comUB:CVE-2022-34305HistoryJun 23, 2022 - 12:00 a.m.
CVE-2022-34305
2022-06-2300:00:00
ubuntu.com
ubuntu.com
21
0.001 Low
EPSS
Percentile
43.8%
In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to
9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples
web application displayed user provided data without filtering, exposing a
XSS vulnerability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 14.04 | noarch | tomcat6 | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | tomcat6 | <Â any | UNKNOWN |
| ubuntu | 18.04 | noarch | tomcat7 | <Â any | UNKNOWN |
| ubuntu | 14.04 | noarch | tomcat7 | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | tomcat7 | <Â any | UNKNOWN |
| ubuntu | 18.04 | noarch | tomcat8 | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | tomcat8 | <Â any | UNKNOWN |
| ubuntu | 18.04 | noarch | tomcat9 | <Â any | UNKNOWN |
| ubuntu | 20.04 | noarch | tomcat9 | <Â any | UNKNOWN |
| ubuntu | 22.04 | noarch | tomcat9 | <Â any | UNKNOWN |
References
www.openwall.com/lists/oss-security/2022/06/23/1
github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7 (8.5.82)
github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac (9.0.65)
launchpad.net/bugs/cve/CVE-2022-34305
lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k
nvd.nist.gov/vuln/detail/CVE-2022-34305
security-tracker.debian.org/tracker/CVE-2022-34305
www.cve.org/CVERecord?id=CVE-2022-34305
Related
kaspersky
kaspersky
KLA19261 XSS vulnerability in Apache Tomcat
2022-07-20 00:00:00
KLA19262 XSS vulnerability in Apache Tomcat
2022-07-26 00:00:00
KLA19260 XSS vulnerability in Apache Tomcat
2022-08-28 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2022-06-24 04:07:07
f5
f5
K00303143 : Apache Tomcat vulnerability CVE-2022-34305
2022-07-11 00:00:00
ibm
ibm
debiancve
debiancve
CVE-2022-34305
2022-06-23 11:15:00
nessus
nessus
FreeBSD : Tomcat -- XSS in examples web application (e2e7faf9-1b51-11ed-ae46-002b67dfc673)
2022-08-16 00:00:00
Apache Tomcat 9.0.30 < 9.0.65
2022-06-23 00:00:00
Apache Tomcat 10.1.0.M1 < 10.1.0.M17
2022-06-23 00:00:00
cvelist
cvelist
CVE-2022-34305 XSS in examples web application
2022-06-23 10:30:16
atlassian
atlassian
Confluence Apache Tomcat CVE-2022-34305
2022-07-07 19:05:27
Apache Tomcat CVE-2022-34305
2022-06-28 14:48:07
github
github
Cross-site Scripting in Apache Tomcat
2022-06-24 00:00:32
tomcat
tomcat
Fixed in Apache Tomcat 8.5.82
2022-08-13 00:00:00
Fixed in Apache Tomcat 10.1.0-M17
2022-07-20 00:00:00
Fixed in Apache Tomcat 10.0.23
2022-07-26 00:00:00
osv
osv
Cross-site Scripting in Apache Tomcat
2022-06-24 00:00:32
BIT-tomcat-2022-34305
2024-03-06 11:09:17
CVE-2022-34305
2022-06-23 11:15:07
cve
cve
CVE-2022-34305
2022-06-23 11:15:00
openvas
openvas
Apache Tomcat XSS Vulnerability (Jun 2022) - Linux
2022-06-24 00:00:00
Apache Tomcat XSS Vulnerability (Jun 2022) - Windows
2022-06-24 00:00:00
Mageia: Security Advisory (MGASA-2023-0138)
2023-04-17 00:00:00
redhatcve
redhatcve
CVE-2022-34305
2022-06-30 18:05:42
cnvd
cnvd
Apache Tomcat Cross-Site Scripting Vulnerability
2022-06-27 00:00:00
prion
prion
Cross site scripting
2022-06-23 11:15:00
freebsd
freebsd
Tomcat -- XSS in examples web application
2022-06-22 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple Vulnerabilities
2022-08-21 00:00:00
mageia
mageia
Updated tomcat packages fix security vulnerability
2023-04-15 22:03:44
rosalinux
rosalinux
Advisory ROSA-SA-2023-2258
2023-10-21 16:49:43
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00