Security News

Apache Tomcat Affected by Serious 'Ghostcat' Vulnerability
2020-02-28 19:31

A serious vulnerability affecting Apache Tomcat can be exploited to read files from a server and in some cases even to achieve remote code execution. Chaitin says the vulnerability is related to the Apache JServ Protocol protocol, which is designed to improve performance by proxying inbound requests from a web server through to an application server.

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat
2020-02-28 10:37

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity 'file read and inclusion bug'-which can be exploited in the default configuration.

Apache Tomcat Patches Important Security Vulnerabilities
2018-07-24 11:48

The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain...

Information Disclosure, DoS Flaws Patched in Apache Tomcat
2018-07-24 04:59

The Apache Software Foundation informed users over the weekend that updates for the Tomcat application server address several vulnerabilities, including issues that can lead to information...

Apache Tomcat Patches Important Remote Code Execution Flaw
2017-10-05 04:16

The Apache Tomcat team has recently patched several security vulnerabilities in Apache Tomcat, one of which could allow an unauthorised attacker to execute malicious code on affected servers...

Code Execution Flaws Patched in Apache Tomcat
2017-10-04 18:58

Several vulnerabilities, including ones that allow remote attackers to execute arbitrary code, have been patched in recent weeks in Apache Tomcat. read more