Lucene search

Improper Locking in Apache Tomcat

🗓️ 26 Jun 2019 01:40:09Reported by GitHub Advisory DatabaseType

Improper Locking in Apache Tomcat, Incomplete Fix for CVE-2019-019

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 157
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony	2 Jul 202109:53	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2019-10072	24 Jul 202021:16	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to a denial of service (CVE-2019-10072)	15 Aug 201917:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities CVE-2019-10072	17 Jul 201909:50	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2019-0199 The HTTP/2 implementation in embded Apache Tomcat Denial of Service Vulnerability	24 Jul 202021:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities.	14 Aug 201908:36	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to denial of service (CVE-2019-0199)	31 May 201915:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)	24 Aug 202010:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8	18 Oct 202407:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	13 Aug 202122:15	–	ibm

Vulners

Node

org.apache.tomcat.embed tomcat-embed-coreRange8.5.0–8.5.41

org.apache.tomcat.embed tomcat-embed-coreRange9.0.0.M1–9.0.20

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10072
lists	www.lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E
access	www.access.redhat.com/errata/RHSA-2019:3929
access	www.access.redhat.com/errata/RHSA-2019:3931
lists	www.lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
support	www.support.f5.com/csp/article/K17321505
debian	www.debian.org/security/2020/dsa-4680

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jun 2019 01:09Current

3.7Low risk

Vulners AI Score3.7

CVSS25

CVSS37.5

EPSS0.71534

CWE-667