漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Tomcat: Logged effective web.xml is incomplete
Vulnerability Description
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119 which fixes the issue.
CVSS Information
N/A
Vulnerability Type
控制流实现总是不正确
Vulnerability Title
Apache Tomcat 处理逻辑错误漏洞
Vulnerability Description
Apache Software Foundation Apache Tomcat是Apache Software Foundation基金会的应用服务器。 Apache Tomcat存在处理逻辑错误漏洞,该漏洞源于Always-Incorrect Control Flow Implementation,导致记录有效web.xml时未包含特殊角色和空授权约束。以下版本受到影响:11.0.0-M1版本至11.0.22版本、10.1.0-M1版本至10.1.55版本、9.0.0.M1版本至9.0.118版本和8
CVSS Information
N/A
Vulnerability Type
N/A