Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2019-1529
HistoryJul 30, 2019 - 12:00 a.m.

pki-deps:10.6 security update

2019-07-3000:00:00
linux.oracle.com
16

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

apache-commons-collections
[3.2.2-10]

  • Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
    [3.2.2-9]
  • Remove workaround for symlink->directory rpm bug
    jackson-bom
    [2.9.8-1]
  • Update to latest upstream release
    [2.9.4-2]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
    [2.9.4-1]
  • Update to latest upstream release
    [2.9.3-1]
  • Initial packaging
    pki-servlet-container
    [1:9.0.7-14]
  • Update to JWS 5.0.2 distribution
  • Resolves: rhbz#1658846 CVE-2018-8034 pki-servlet-container: tomcat: host name verification missing in WebSocket client
  • Resolves: rhbz#1579614 CVE-2018-8014 pki-servlet-container: tomcat: Insecure defaults in CORS filter enable ‘supportsCredentials’ for all origins
  • Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
  • Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet
    velocity
    [0:1.7-24]
  • Repack the tarball without binaries
    [0:1.7-23]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
    xerces-j2
    [2.11.0-34]
  • Fix license tag to include W3C
    [2.11.0-33]
  • Add requirement on javapackages-tools since scripts use
    java-functions.
    [2.11.0-32]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
    xml-commons-resolver
    [0:1.2-26]
  • Add requirement on javapackages-tools since scripts use
    java-functions.
    [0:1.2-25]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
OSVersionArchitecturePackageVersionFilename
oracle linux8srcapache-commons-collections< 3.2.2-10.moduleapache-commons-collections-3.2.2-10.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcapache-commons-lang< 2.6-21.moduleapache-commons-lang-2.6-21.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcbea-stax< 1.2.0-16.modulebea-stax-1.2.0-16.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcglassfish-fastinfoset< 1.2.13-9.moduleglassfish-fastinfoset-1.2.13-9.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcglassfish-jaxb< 2.2.11-11.moduleglassfish-jaxb-2.2.11-11.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcglassfish-jaxb-api< 2.2.12-8.moduleglassfish-jaxb-api-2.2.12-8.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcjackson-annotations< 2.9.8-1.modulejackson-annotations-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcjackson-core< 2.9.8-1.modulejackson-core-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcjackson-databind< 2.9.8-1.modulejackson-databind-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
oracle linux8srcjackson-jaxrs-providers< 2.9.8-1.modulejackson-jaxrs-providers-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
Rows per page:
1-10 of 1181

Related

osv 15
almalinux 1
rocky 1
nessus 50
redhat 9
openvas 24
fedora 3
tomcat 9
suse 4
amazon 5
mageia 1
ibm 15
kaspersky 3
oraclelinux 2
thn 1
atlassian 3
centos 2
github 4
cve 4
ubuntucve 4
veracode 6
f5 4
debiancve 4
prion 4
checkpoint_advisories 1
debian 6
photon 2
symantec 3
redhatcve 4
packetstorm 1
ubuntu 1
zdt 1
nuclei 1
cisa 1
osv
osv
Important: pki-deps:10.6 security update
2019-06-18 16:36:21
Important: pki-deps:10.6 security update
2019-06-18 16:36:21
CVE-2018-8014
2018-05-16 16:29:00
almalinux
almalinux
Important: pki-deps:10.6 security update
2019-06-18 16:36:21
rocky
rocky
pki-deps:10.6 security update
2019-06-18 16:36:21
nessus
nessus
RHEL 8 : pki-deps:10.6 (RHSA-2019:1529)
2019-06-19 00:00:00
Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-1529)
2019-08-12 00:00:00
CentOS 8 : pki-deps:10.6 (CESA-2019:1529)
2021-01-29 00:00:00
redhat
redhat
(RHSA-2019:1529) Important: pki-deps:10.6 security update
2019-06-18 16:36:21
(RHSA-2019:0450) Moderate: Red Hat JBoss Web Server 5.0 Service Pack 2 security and bug fix update
2019-03-04 17:33:34
(RHSA-2018:2868) Important: Red Hat JBoss Web Server 5.0 Service Pack 1 security and bug fix update
2018-10-03 13:41:48
openvas
openvas
Fedora Update for tomcat FEDORA-2018-b18f9dd65b
2019-04-03 00:00:00
Fedora Update for tomcat FEDORA-2018-b1832101b8
2018-08-30 00:00:00
openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:2740-1)
2018-09-18 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28
2019-04-03 02:02:31
[SECURITY] Fedora 28 Update: tomcat-8.5.32-1.fc28
2018-08-30 04:57:26
[SECURITY] Fedora 29 Update: tomcat-9.0.13-1.fc29
2019-02-13 02:48:13
tomcat
tomcat
Fixed in Apache Tomcat 8.5.32
2018-06-26 00:00:00
Fixed in Apache Tomcat 8.0.53
2018-07-06 00:00:00
Fixed in Apache Tomcat 9.0.10
2018-06-25 00:00:00
suse
suse
Security update for tomcat (moderate)
2018-09-17 12:12:40
Security update for tomcat (moderate)
2018-10-06 18:10:05
Security update for tomcat (moderate)
2018-10-25 18:22:29
amazon
amazon
Important: tomcat8
2018-08-09 16:12:00
Important: tomcat7, tomcat80
2018-08-09 16:10:00
Important: tomcat
2020-03-09 19:23:00
mageia
mageia
Updated tomcat packages fix security vulnerabilities
2018-12-10 00:20:39
ibm
ibm
Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2018-11784, CVE-2018-8034)
2019-02-04 13:05:02
Security Bulletin: Rational DOORS Web Access is affected by Apache Tomcat vulnerabilities
2018-10-23 17:25:01
Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to publicly disclosed vulnerability. (CVE-2018-8034, CVE-2018-8037)
2018-12-03 14:05:01
kaspersky
kaspersky
KLA11297 Multiple vulnerabilities in Apache Tomcat
2018-07-22 00:00:00
KLA11256 SB vulnerability in Apache Tomcat
2018-05-15 00:00:00
KLA11327 SB vulnerability in Apache Tomcat
2018-10-03 00:00:00
oraclelinux
oraclelinux
tomcat security, bug fix, and enhancement update
2019-08-13 00:00:00
tomcat security update
2019-03-13 00:00:00
thn
thn
Apache Tomcat Patches Important Security Vulnerabilities
2018-07-24 11:36:00
atlassian
atlassian
Upgrade to Tomcat 8.5.32 necessary
2018-08-01 09:33:53
Update Tomcat to 8.5.34 to avoid CVE-2018-11784
2018-10-10 09:22:17
Update Tomcat to 8.5.34 to avoid CVE-2018-11784
2018-10-10 09:22:17
centos
centos
tomcat security update
2019-08-30 04:27:31
tomcat security update
2019-03-19 14:33:17
github
github
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins
2018-10-17 16:32:32
Apache Tomcat Open Redirect vulnerability
2018-10-17 16:31:02
Apache Tomcat Race Condition vulnerability
2018-10-17 16:33:02
cve
cve
CVE-2018-8014
2018-05-16 16:29:00
CVE-2018-8037
2018-08-02 14:29:00
CVE-2018-11784
2018-10-04 13:29:00
ubuntucve
ubuntucve
CVE-2018-8014
2018-05-16 00:00:00
CVE-2018-8034
2018-07-24 00:00:00
CVE-2018-8037
2018-08-02 00:00:00
veracode
veracode
Insecure Defaults
2018-07-23 05:27:23
Insecure Defaults
2018-05-17 04:40:32
Insecure Defaults
2019-01-15 09:24:32
f5
f5
K11420556 : Apache Tomcat vulnerability CVE-2018-8014
2018-07-17 00:00:00
K34468163 : Apache Tomcat vulnerability CVE-2018-8034
2018-09-05 00:00:00
K64921482 : Apache Tomcat vulnerability CVE-2018-11784
2018-10-25 00:00:00
debiancve
debiancve
CVE-2018-8014
2018-05-16 16:29:00
CVE-2018-8037
2018-08-02 14:29:00
CVE-2018-11784
2018-10-04 13:29:00
prion
prion
Default configuration
2018-05-16 16:29:00
Race condition
2018-08-02 14:29:00
Design/Logic Flaw
2018-10-04 13:29:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Default Servlet Open Redirect (CVE-2018-11784)
2019-02-19 00:00:00
debian
debian
[SECURITY] [DLA 1544-1] tomcat7 security update
2018-10-14 20:43:08
[SECURITY] [DSA 4281-1] tomcat8 security update
2018-08-29 06:29:28
[SECURITY] [DSA 4281-1] tomcat8 security update
2018-08-29 06:29:28
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0065
2018-07-02 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0116
2018-12-26 00:00:00
symantec
symantec
Apache Tomcat CVE-2018-8037 Information Disclosure Vulnerability
2018-07-22 00:00:00
Apache Tomcat CVE-2018-11784 Open Redirection Vulnerability
2018-10-03 00:00:00
Apache Tomcat Vulnerabilities Jan-Aug 2018
2018-10-11 08:01:01
redhatcve
redhatcve
CVE-2018-8014
2020-04-06 17:04:57
CVE-2018-11784
2019-11-02 09:34:32
CVE-2018-8034
2020-04-07 11:33:42
packetstorm
packetstorm
Apache Tomcat 9.0.0M1 Open Redirect
2021-07-11 00:00:00
ubuntu
ubuntu
Tomcat vulnerability
2018-10-10 00:00:00
zdt
zdt
Apache Tomcat 9.0.0.M1 - Open Redirect Vulnerability
2021-07-13 00:00:00
nuclei
nuclei
Apache Tomcat - Open Redirect
2021-03-18 16:22:01
cisa
cisa
Apache Releases Security Updates for Apache Tomcat
2018-10-04 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for ELSA-2019-1529
osv15almalinux1rocky1nessus50redhat9openvas24fedora3tomcat9suse4amazon5mageia1ibm15kaspersky3oraclelinux2thn1atlassian3centos2github4cve4ubuntucve4veracode6f54debiancve4prion4checkpoint_advisories1debian6photon2symantec3redhatcve4packetstorm1ubuntu1zdt1nuclei1cisa1