usn-7106-1
Vulnerability from osv_ubuntu
Published
2024-11-13 07:19
Modified
2026-04-27 14:11
Summary
tomcat9 vulnerabilities
Details

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. (CVE-2023-28708)

It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-41080)

It was discovered that Tomcat incorrectly recycled certain objects, which could lead to information leaking from one request to the next. An attacker could potentially use this issue to leak sensitive information. (CVE-2023-42795)

It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling. (CVE-2023-45648)

It was discovered that Tomcat incorrectly handled socket cleanup, which could lead to websocket connections staying open. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-23672)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-28708",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-41080",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-42795",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-45648",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-23672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "libtomcat9-embed-java",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "libtomcat9-java",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "tomcat9",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "tomcat9-admin",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "tomcat9-common",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "tomcat9-docs",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "tomcat9-examples",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          },
          {
            "binary_name": "tomcat9-user",
            "binary_version": "9.0.16-3ubuntu0.18.04.2+esm4"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "tomcat9",
        "purl": "pkg:deb/ubuntu/tomcat9@9.0.16-3ubuntu0.18.04.2+esm4?arch=source\u0026distro=esm-apps/bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.0.16-3ubuntu0.18.04.2+esm4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "9.0.16-3~18.04.1",
        "9.0.16-3ubuntu0.18.04.1",
        "9.0.16-3ubuntu0.18.04.2",
        "9.0.16-3ubuntu0.18.04.2+esm1",
        "9.0.16-3ubuntu0.18.04.2+esm2",
        "9.0.16-3ubuntu0.18.04.2+esm3"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-28708",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-41080",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-42795",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-45648",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-23672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "libtomcat9-embed-java",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "libtomcat9-java",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "tomcat9",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "tomcat9-admin",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "tomcat9-common",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "tomcat9-docs",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "tomcat9-examples",
            "binary_version": "9.0.31-1ubuntu0.8"
          },
          {
            "binary_name": "tomcat9-user",
            "binary_version": "9.0.31-1ubuntu0.8"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "tomcat9",
        "purl": "pkg:deb/ubuntu/tomcat9@9.0.31-1ubuntu0.8?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.0.31-1ubuntu0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "9.0.24-1",
        "9.0.27-1",
        "9.0.31-1",
        "9.0.31-1ubuntu0.1",
        "9.0.31-1ubuntu0.2",
        "9.0.31-1ubuntu0.3",
        "9.0.31-1ubuntu0.4",
        "9.0.31-1ubuntu0.5",
        "9.0.31-1ubuntu0.6",
        "9.0.31-1ubuntu0.7"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-28708",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-41080",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-42795",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-45648",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-23672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "libtomcat9-embed-java",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "libtomcat9-java",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "tomcat9",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "tomcat9-admin",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "tomcat9-common",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "tomcat9-docs",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "tomcat9-examples",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          },
          {
            "binary_name": "tomcat9-user",
            "binary_version": "9.0.58-1ubuntu0.1+esm4"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:22.04:LTS",
        "name": "tomcat9",
        "purl": "pkg:deb/ubuntu/tomcat9@9.0.58-1ubuntu0.1+esm4?arch=source\u0026distro=esm-apps/jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.0.58-1ubuntu0.1+esm4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "9.0.43-3",
        "9.0.54-1",
        "9.0.55-1",
        "9.0.58-1",
        "9.0.58-1ubuntu0.1",
        "9.0.58-1ubuntu0.1+esm1",
        "9.0.58-1ubuntu0.1+esm2",
        "9.0.58-1ubuntu0.1+esm3"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that Tomcat did not include the secure attribute for\nsession cookies when using the RemoteIpFilter with requests from a\nreverse proxy. An attacker could possibly use this issue to leak\nsensitive information. (CVE-2023-28708)\n\nIt was discovered that Tomcat had a vulnerability in its FORM\nauthentication feature, leading to an open redirect attack. An attacker\ncould possibly use this issue to perform phishing attacks. (CVE-2023-41080)\n\nIt was discovered that Tomcat incorrectly recycled certain objects,\nwhich could lead to information leaking from one request to the next.\nAn attacker could potentially use this issue to leak sensitive\ninformation. (CVE-2023-42795)\n\nIt was discovered that Tomcat incorrectly handled HTTP trailer headers. A\nremote attacker could possibly use this issue to perform HTTP request\nsmuggling. (CVE-2023-45648)\n\nIt was discovered that Tomcat incorrectly handled socket cleanup, which\ncould lead to websocket connections staying open. An attacker could\npossibly use this issue to cause a denial of service. (CVE-2024-23672)\n",
  "id": "USN-7106-1",
  "modified": "2026-04-27T14:11:38Z",
  "published": "2024-11-13T07:19:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-7106-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-28708"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-41080"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-42795"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-45648"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-23672"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "tomcat9 vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2023-28708",
    "UBUNTU-CVE-2023-41080",
    "UBUNTU-CVE-2023-42795",
    "UBUNTU-CVE-2023-45648",
    "UBUNTU-CVE-2024-23672"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…