SUSE CVE-2018-8020
Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists multiple entries of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...