Lucene search
OracleLinuxELSA-2017-0935HistoryApr 12, 2017 - 12:00 a.m.
tomcat security update
2017-04-1200:00:00
linux.oracle.com
35
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
81.0%
[0:7.0.69-11]
- Resolves: rhbz#1413591 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing
- Resolves: rhbz#1402662 CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | tomcat | < 7.0.69-11.el7_3 | tomcat-7.0.69-11.el7_3.src.rpm |
| oracle linux | 7 | noarch | tomcat | < 7.0.69-11.el7_3 | tomcat-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-admin-webapps | < 7.0.69-11.el7_3 | tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-docs-webapp | < 7.0.69-11.el7_3 | tomcat-docs-webapp-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-el-2.2-api | < 7.0.69-11.el7_3 | tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-javadoc | < 7.0.69-11.el7_3 | tomcat-javadoc-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-jsp-2.2-api | < 7.0.69-11.el7_3 | tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-jsvc | < 7.0.69-11.el7_3 | tomcat-jsvc-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-lib | < 7.0.69-11.el7_3 | tomcat-lib-7.0.69-11.el7_3.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-servlet-3.0-api | < 7.0.69-11.el7_3 | tomcat-servlet-3.0-api-7.0.69-11.el7_3.noarch.rpm |
Related
nessus
nessus
CentOS 6 : tomcat6 (CESA-2017:0527)
2017-03-20 00:00:00
EulerOS 2.0 SP1 : tomcat (EulerOS-SA-2017-1081)
2017-05-03 00:00:00
Oracle Linux 6 : tomcat6 (ELSA-2017-0527)
2017-03-16 00:00:00
redhat
redhat
(RHSA-2017:0935) Moderate: tomcat security update
2017-04-12 13:36:04
(RHSA-2017:0527) Moderate: tomcat6 security update
2017-03-15 12:06:21
amazon
amazon
Medium: tomcat6
2017-03-29 16:48:00
Medium: tomcat7, tomcat8
2017-02-14 12:00:00
Important: tomcat6
2016-12-15 00:41:00
openvas
openvas
CentOS Update for tomcat CESA-2017:0935 centos7
2017-04-14 00:00:00
RedHat Update for tomcat RHSA-2017:0935-01
2017-04-13 00:00:00
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2017-1081)
2020-01-23 00:00:00
oraclelinux
oraclelinux
tomcat6 security update
2017-03-15 00:00:00
debian
debian
[SECURITY] [DLA 779-1] tomcat7 security update
2017-01-10 23:37:14
[SECURITY] [DSA 3754-1] tomcat7 security update
2017-01-08 06:26:59
[SECURITY] [DSA 3755-1] tomcat8 security update
2017-01-08 06:27:45
centos
centos
tomcat security update
2017-04-13 11:00:11
tomcat6 security update
2017-03-17 14:19:39
osv
osv
tomcat8 - security update
2017-01-08 00:00:00
tomcat7 - security update
2017-01-08 00:00:00
tomcat7 - security update
2017-01-10 00:00:00
redhatcve
redhatcve
CVE-2016-8745
2016-12-12 12:48:37
CVE-2016-6816
2021-07-11 07:51:46
cve
cve
tomcat
tomcat
Fixed in Apache Tomcat 7.0.75
2017-01-24 00:00:00
Fixed in Apache Tomcat 9.0.0.M15
2016-12-08 00:00:00
Fixed in Apache Tomcat 8.0.41
2017-01-24 00:00:00
mageia
mageia
Updated tomcat packages fix security vulnerability
2017-02-19 00:05:27
Updated tomcat package fixes security vulnerabilities
2016-12-12 01:44:05
ibm
ibm
fedora
fedora
[SECURITY] Fedora 25 Update: tomcat-8.0.41-1.fc25
2017-02-22 17:29:28
[SECURITY] Fedora 24 Update: tomcat-8.0.41-1.fc24
2017-03-01 01:21:37
[SECURITY] Fedora 25 Update: tomcat-8.0.39-1.fc25
2016-12-14 21:31:31
github
github
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat
2022-05-14 01:10:16
Improper Input Validation in Apache Tomcat
2022-05-13 01:14:53
f5
f5
K82455382 : Apache Tomcat vulnerability CVE-2016-8745
2017-09-28 00:00:00
SOL50116122 - Apache Tomcat vulnerability CVE-2016-6816
2016-12-01 00:00:00
K50116122 : Apache Tomcat vulnerability CVE-2016-6816
2016-12-01 00:00:00
ubuntucve
ubuntucve
freebsd
freebsd
tomcat -- information disclosure vulnerability
2017-01-05 00:00:00
tomcat -- multiple vulnerabilities
2016-11-22 00:00:00
veracode
veracode
Information Disclosure
2016-12-13 04:53:40
Cross-site Scripting (XSS) Or Information Disclosure
2019-01-15 09:15:22
Denial Of Service (DoS) Via Infinite Loop
2017-02-22 02:23:40
prion
prion
Code injection
2017-08-10 22:29:00
Design/Logic Flaw
2017-03-20 18:59:00
Design/Logic Flaw
2017-02-17 07:59:00
debiancve
debiancve
exploitpack
exploitpack
Apache Tomcat 6789 - Information Disclosure
2017-04-04 00:00:00
packetstorm
packetstorm
Apache Tomcat 6 / 7 / 8 / 9 Information Disclosure
2017-04-04 00:00:00
seebug
seebug
Apache Tomcat information disclosure Vulnerability, CVE-2016-6816)
2017-02-13 00:00:00
zdt
zdt
Apache Tomcat 6/7/8/9 - Information Disclosure Vulnerability
2017-04-03 00:00:00
atlassian
atlassian
Upgrade Tomcat to the version 8.5.29
2017-03-14 13:20:53
Upgrade Tomcat to the version 8.5.29
2017-03-14 13:20:53
Update bundled Apache Tomcat due to security vulnerabilities
2017-04-17 08:48:35
exploitdb
exploitdb
Apache Tomcat 6/7/8/9 - Information Disclosure
2017-04-04 00:00:00
suse
suse
Security update for tomcat (important)
2017-05-10 18:10:03
Security update for tomcat (important)
2017-05-23 21:11:53
Security update for tomcat (important)
2017-05-15 21:24:34
archlinux
archlinux
[ASA-201611-22] tomcat6: multiple issues
2016-11-23 00:00:00
ubuntu
ubuntu
Tomcat regression
2017-02-02 00:00:00
Tomcat vulnerabilities
2017-01-23 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
81.0%
Related for ELSA-2017-0935