![]() Tomcat-admin-webapps is signed with Red Hat redhatrelease2 key Tomcat-admin-webapps is earlier than 0:7.0.76-12.el7_8 Tomcat is signed with Red Hat redhatrelease2 key RHSA-2020:2529: tomcat6 security update (Important) Tomcat6-webapps is signed with Red Hat redhatrelease2 key Tomcat6-servlet-2.5-api is signed with Red Hat redhatrelease2 key ![]() Tomcat6-lib is signed with Red Hat redhatrelease2 key Tomcat6-jsp-2.1-api is signed with Red Hat redhatrelease2 key Tomcat6-javadoc is signed with Red Hat redhatrelease2 key Tomcat6-el-2.1-api is signed with Red Hat redhatrelease2 key Tomcat6-docs-webapp is signed with Red Hat redhatrelease2 key Tomcat6-admin-webapps is signed with Red Hat redhatrelease2 key Tomcat6 is signed with Red Hat redhatrelease2 key Red Hat Enterprise Linux must be installed This can result in a number of unwanted outcomes, including remote code execution.ĬVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. These objects are then deserialized when needed to recover the data/state. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |