-
Due to GhostCat (CVE-2020-1938 - AJP) Tomcat needs to be upgraded to 8.5.51
-
**Vulnerabilities**
DepShield reports that this application's usage of [org.apache.tomcat.embed:tomcat-embed-core:9.0.30](https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat.embed/tom…
-
Hi,超酷的工具!
看了帮助文档写着服务扫描只有cve-2020-1938,使用时(默认)却是cve-2020-0796?
如何选择特定服务的漏洞进行检测?或者如何全选所有服务漏洞扫描?
![xray-servicescan-issue00](https://user-images.githubusercontent.com/28248956/83331525-84e5cb80-a2c9-1…
-
npm WARN deprecated react-dom@16.2.0: This version of react-dom/server contains a minor vulnerability. Please update react-dom to 16.2.1 or 16.4.2+. Learn more: https://fb.me/cve-2018-6341
npm WARN d…
-
-
TardC updated
4 years ago
-
checked master and i think this one is missing, aka CVE-2020-1938:
https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC
-
https://dev.lucee.org/t/tomcat-cve-2020-1938-ghostcat-ajp/6650
https://github.com/viviotech/lucee-installer/issues/100
Note: Apache 2.4 doesn't support this version of Tomcat yet. a backport fr…
-
## Problem description
Travis builds are currently failing due to tomcat-embed-core-8.5.43.jar: CVE-2020-1938
-
mod_cfml already uses a secret, the tomcat AJP connector should too
> secret | Only requests from workers with this secret keyword will be accepted. The default value is null. This attrbute must be…