Multiple vulnerabilities in Apache Tomcat

Descrição

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat can be exploited to bypass security restrictions.
2. Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat can be exploited to obtain sensitive information.
3. Security vulnerability can be exploited to bypass security restrictions.
4. Missing Encryption of Sensitive Data vulnerability in Apache Tomcat can be exploited to obtain sensitive information.

Comunicados originais

• Fixed in Apache Tomcat 9.0.117

Exploração

Public exploits exist for this vulnerability.

Produtos relacionados

• Apache-Tomcat

Lista de CVE

• CVE-2026-34483
  critical
• CVE-2026-34486
  critical
• CVE-2026-34487
  critical
• CVE-2026-34500
  high

Saiba mais

Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com