VDB
GCVE-110-MAGEIA-2017-400
GCVE-110-MAGEIA-2017-400
Advisory Published
When running with HTTP PUTs enabled (e.g. via setting the readonly
initialization parameter of the Default servlet to false) it was
possible to upload a JSP file to the server via a specially crafted
request. This JSP could then be requested and any code it contained
would be executed by the server (CVE-2017-12617).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | tomcat | 7.0.82-1.mga5 (unaffected), 0 (affected) | — |
| Mageia | tomcat | 0 (affected), 8.0.47-1.mga6 (unaffected) | — |
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.