Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicedebian

Debian DSA-4891-1: Tomcat9 Security Flaw Causes Denial Of Service

Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service. For the stable distribution (buster), these problems have been fixed in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4891-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff April 13, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tomcat9 CVE ID : CVE-2021-25122 CVE-2021-25329 Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service. For the stable distribution (buster), these problems have been fixed in version 9.0.31-1~deb10u4. We recommend that you upgrade your tomcat9 packages. For the detailed security status of tomcat9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/tomcat9 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Update DSA-4892-1 enhances php7 to rectify severe vulnerabilities in the stable release.. Debian Security Advisory, Tomcat Security Issues, Service Denial Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 13, 2021 Critical Debian
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatedirectory traversal

Red Hat Developer Suite: RHSA-2008:0195-01 Moderate Session Hijack Risk

Updated tomcat packages that fix multiple security issues are now available for Red Hat Developer Suite 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: tomcat security update Advisory ID: RHSA-2008:0195-01 Product: Red Hat Developer Suite v.3 Advisory URL: https://access.redhat.com/errata/RHSA-2008:0195.html Issue date: 2008-04-28 Keywords: Security CVE Names: CVE-2007-3382 CVE-2007-3385 CVE-2007-5342 CVE-2007-5461 ==================================================================== 1. Summary: Updated tomcat packages that fix multiple security issues are now available for Red Hat Developer Suite 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Developer Suite v.3 (AS v.4) - noarch 3. Description: Tomcat is a servlet container for Java Servlet and Java Server Pages technologies. Tomcat was found treating single quote characters -- ' -- as delimiters in cookies. This could allow remote attackers to obtain sensitive information, such as session IDs, for session hijacking attacks (CVE-2007-3382). It was reported Tomcat did not properly handle the following character sequence in a cookie: \" (a backslash followed by a double-quote). It was possible remote attackers could use this failure to obtain sensitive information, such as session IDs, for session hijacking attacks (CVE-2007-3385). A directory traversal vulnerability existed in the Apache Tomcat webdav servlet. This allowed remote attackers to remote authenticated users to read accessible to the local user running the tomcat process (CVE-2007-5461). The default security policy in the JULI logging component did not restrict access permissions tofiles. This could be misused by untrusted web applications to access and write arbitrary files in the context of the tomcat process (CVE-2007-5342). Users of Tomcat should update to these erratum packages, which contain backported patches and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 247972 - CVE-2007-3382 tomcat handling of cookies 247976 - CVE-2007-3385 tomcat handling of cookie values 333791 - CVE-2007-5461 Absolute path traversal Apache Tomcat WEBDAV 427216 - CVE-2007-5342 Apache Tomcat's default security policy is too open 6. Package List: Red Hat Developer Suite v.3 (AS v.4): Source: noarch: tomcat5-5.5.23-0jpp_11rh.noarch.rpm tomcat5-common-lib-5.5.23-0jpp_11rh.noarch.rpm tomcat5-jasper-5.5.23-0jpp_11rh.noarch.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp_11rh.noarch.rpm tomcat5-server-lib-5.5.23-0jpp_11rh.noarch.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp_11rh.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2007-3382 https://www.cve.org/CVERecord?id=CVE-2007-3385 https://www.cve.org/CVERecord?id=CVE-2007-5342 https://www.cve.org/CVERecord?id=CVE-2007-5461 https://tomcat.apache.org/security-5.html https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2008 Red Hat, Inc. . Oracle Security Bulletin for WebLogic resolves several significant vulnerabilities affecting authentication processes and beyond.. Tomcat Security, RedHat Patch, Session Hijacking Risk, Directory Traversal Exploit, Security Update. . LinuxSecurity.com Team

Calendar 2 Apr 28, 2008 Red Hat
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here