--- vuln2.xml Fri May 22 13:19:46 2020 +++ vuln.xml Fri May 22 13:40:27 2020 @@ -60,0 +61,39 @@ + + Apache Tomcat Remote Code Execution via session persistence + + + tomcat7 + 7.0.104 + + + tomcat85 + 8.5.55 + + + tomcat9 + 9.0.35 + + + tomcat-devel + 10.0.0.M5 + + + + +

The Apache Software Foundation reports:

Under certain circumstances an attacker will be able to trigger remote code execution via deserialization of the file under their control

+ + + + http://tomcat.apache.org/security-7.html + http://tomcat.apache.org/security-8.html + http://tomcat.apache.org/security-9.html + http://tomcat.apache.org/security-10.html + CVE-2020-9484 + + + 2020-05-12 + 2020-05-22 + + +