VDB
GCVE-VVD-MAGEIA-2023-138
GCVE-VVD-MAGEIA-2023-138
Advisory Published
Information disclosure due to concurrency bug (CVE-2021-43980)
Fix for CVE-2020-9484 introduced a time of check, time of use
vulnerability (CVE-2022-23181)
Correct documentation to warn of use over untrusted networks.
(CVE-2022-29885)
Correct documentation showing use of XSS vulnerability. (CVE-2022-34305)
Fix to reject invalid Content-Length header (CVE-2022-42252)
Fix escaping of the type, message or description values. (CVE-2022-45143)
Fix FileUpload limiting of the number of request parts to be processed
to prevent the possibility of an attacker triggering a DoS (CVE-2023-24998)
Fix setting of session cookie secure attribute when using RemoteIpFilter
with X-Forwarded-Proto header set to https (CVE-2023-28708)
Obsolete tomcat-jsvc
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | vacation | 0 (affected), 1.2.8.0-1.beta1.1.mga9 (unaffected) | — |
| Mageia | tomcat | 0 (affected), 9.0.73-1.1.mga8 (unaffected), 0 (affected), 9.0.73-1.1.mga8 (unaffected) | — |
References
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.