This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SA-2023-002 - Apache Tomcat JsonErrorReportValve (CVE-2022-45143)

SamPirok
Community Manager Community Manager
Community Manager
‎01-11-2023 06:43 AM

Summary

The JsonErrorReportValve in Apache Tomcat did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.

Products not listed in the Impact Details section have not been evaluated. Furthermore, products that have exceeded any software maintenance time periods are also not evaluated and will not be published. Please consult End of Sale and End of Service Life - Extreme Networks for the EOL notices related to the product under question.

Impact Details

OS/Product Exposure
Network OS No

Repair Recommendations

None

 

Please see the full security advisory article here for more details. 

0 Kudos
Popular Articles
GTM-P2G8KFN