[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2014-0082":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":22,"duplicates":23,"related":24,"reserved_at":9,"published_at":29,"modified_at":30,"state":9,"summary":31,"references_raw":33,"kevs":58,"epss":9,"epss_history":59,"metrics":60,"affected":61},"MGASA-2014-0082","Updated tomcat6 packages fix multiple vulnerabilities and logging\n\nUpdated tomcat6 packages fix security vulnerabilities:\n\nIt was discovered that Tomcat incorrectly handled certain requests\nsubmitted using chunked transfer encoding. A remote attacker could use this\nflaw to cause the Tomcat server to stop responding, resulting in a denial\nof service (CVE-2012-3544).\n\nA frame injection in the Javadoc component in Oracle Java SE 7 Update 21\nand earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier;\nJavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect\nintegrity via unknown vectors related to Javadoc (CVE-2013-1571)\n\nA flaw was found in the way the tomcat6 init script handled the\ntomcat6-initd.log log file. A malicious web application deployed on Tomcat\ncould use this flaw to perform a symbolic link attack to change the\nownership of an arbitrary system file to that of the tomcat user, allowing\nthem to escalate their privileges to root (CVE-2013-1976).\n\nIt was discovered that Tomcat incorrectly handled certain authentication\nrequests. A remote attacker could possibly use this flaw to inject a\nrequest that would get executed with a victim's credentials (CVE-2013-2067).\n\nNote: With this update, tomcat6-initd.log has been moved from\n/var/log/tomcat6/ to the /var/log/ directory.\n",null,[],[],[],[14,16,18,20],{"_key":15},"CVE-2012-3544",{"_key":17},"CVE-2013-1571",{"_key":19},"CVE-2013-1976",{"_key":21},"CVE-2013-2067",[],[],[25,26,27,28],{"_key":15},{"_key":17},{"_key":19},{"_key":21},"2014-02-17T18:13:24Z","2026-04-16T06:25:08.521378458Z",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[34,40,46,50,54],{"url":35,"sources":36,"tags":38},"https://advisories.mageia.org/MGASA-2014-0082.html",[37],"osv_mageia",[39],"Advisory",{"url":41,"sources":42,"tags":43},"http://www.ubuntu.com/usn/usn-1841-1/",[37],[44,45],"REPORT","WEB",{"url":47,"sources":48,"tags":49},"https://rhn.redhat.com/errata/RHSA-2013-0869.html",[37],[44,45],{"url":51,"sources":52,"tags":53},"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.39",[37],[44,45],{"url":55,"sources":56,"tags":57},"https://bugs.mageia.org/show_bug.cgi?id=10201",[37],[44],[],[],[],[62],{"ecosystem":63,"name":64,"vendor":65,"product":64,"cpe_part":9,"purl_type":66,"purl_namespace":65,"purl_name":64,"source":9,"versions":67},"Mageia","tomcat6","mageia","rpm",[68],{"version":69,"is_range":70,"range_type":71,"version_start":9,"version_start_type":9,"version_end":72,"version_end_type":73,"fixed_in":9},"lt6_0_39_1_1_mga3",true,"ecosystem","6.0.39-1.1.mga3","excluding"]