RHEL 8 : pki-deps:10.6 (RHSA-2019:1529)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1529 advisory. The Public Key Infrastructure PKI Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat...

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2019:1529 Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. Security Fixes: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up CVE-2018-8037 tomcat: Insecure...

pki-deps:10.6 security update

An update is available for glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, xmlstreambuffer, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, stax-ex, xerces-j2,...

RLSA-2019:1529 Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System. Security Fixes: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up...

Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. Security Fixes: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up CVE-2018-8037 tomcat: Insecure...

Fedora 28 : 1:tomcat (2018-b1832101b8)

This update includes a rebase from 8.5.30 up to 8.5.32 which resolves two CVEs along with various other bugs/features : - rhbz1579612 CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins - rhbz1607586 CVE-2018-8034 tomcat: host name verification...

Apache Tomcat 8.5.0 < 8.5.32 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 8.5.x prior to 8.5.32. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in WebSocket client because host name verification is missing - A flaw exists in NIO/NIO2 connectors due to a mishandling of close that can...

Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.x prior to 9.0.10. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in WebSocket client because host name verification is missing - A flaw exists in NIO/NIO2 connectors due to a mishandling of close that can...