CVE-2018-1304

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.

Published : 2018-02-28 20:29 Updated : 2019-05-10 18:16

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Oracle Hospitality Guest Access 4.2.0 cpe:/a:oracle:hospitality_guest_access:4.2.0
Oracle Hospitality Guest Access 4.2.1 cpe:/a:oracle:hospitality_guest_access:4.2.1
Oracle Secure Global Desktop 5.3 cpe:/a:oracle:secure_global_desktop:5.3
Oracle Secure Global Desktop 5.4 cpe:/a:oracle:secure_global_desktop:5.4
Redhat Jboss Enterprise Application Platform 6 cpe:/a:redhat:jboss_enterprise_application_platform:6
Redhat Jboss Enterprise Application Platform 6.4 cpe:/a:redhat:jboss_enterprise_application_platform:6.4
Redhat Jboss Middleware 1 cpe:/a:redhat:jboss_middleware:1
Canonical Ubuntu Linux 14.04 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
Canonical Ubuntu Linux 16.04 cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
Canonical Ubuntu Linux 17.10 cpe:/o:canonical:ubuntu_linux:17.10
Canonical Ubuntu Linux 18.04 cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
Debian Debian Linux 8.0 cpe:/o:debian:debian_linux:8.0
Debian Debian Linux 9.0 cpe:/o:debian:debian_linux:9.0
Apache Tomcat 7.0.52 cpe:/a:apache:tomcat:7.0.52
Apache Tomcat 7.0.53 cpe:/a:apache:tomcat:7.0.53
Apache Tomcat 8.0.3 cpe:/a:apache:tomcat:8.0.3
Apache Tomcat 8.0.5 cpe:/a:apache:tomcat:8.0.5
Apache Tomcat 8.0.8 cpe:/a:apache:tomcat:8.0.8
Apache Tomcat 8.0.45 cpe:/a:apache:tomcat:8.0.45
Apache Tomcat 8.0.46 cpe:/a:apache:tomcat:8.0.46
Apache Tomcat 8.5.16 cpe:/a:apache:tomcat:8.5.16
Apache Tomcat 8.5.17 cpe:/a:apache:tomcat:8.5.17
Apache Tomcat 8.5.18 cpe:/a:apache:tomcat:8.5.18
Apache Tomcat 8.5.19 cpe:/a:apache:tomcat:8.5.19
Apache Tomcat 8.5.20 cpe:/a:apache:tomcat:8.5.20
Apache Tomcat 8.5.21 cpe:/a:apache:tomcat:8.5.21
Apache Tomcat 8.5.22 cpe:/a:apache:tomcat:8.5.22
Apache Tomcat 8.5.25 cpe:/a:apache:tomcat:8.5.25
Apache Tomcat 8.5.26 cpe:/a:apache:tomcat:8.5.26
Oracle Fusion Middleware 12.2.1.3.0 cpe:/a:oracle:fusion_middleware:12.2.1.3.0
Oracle Micros Relate Crm Software 11.4 cpe:/a:oracle:micros_relate_crm_software:11.4
Apache Tomcat 7.0.0 cpe:/a:apache:tomcat:7.0.0
Apache Tomcat 7.0.0 cpe:/a:apache:tomcat:7.0.0:beta
Apache Tomcat 7.0.1 cpe:/a:apache:tomcat:7.0.1
Apache Tomcat 7.0.2 cpe:/a:apache:tomcat:7.0.2
Apache Tomcat 7.0.2 cpe:/a:apache:tomcat:7.0.2:beta
Apache Tomcat 7.0.3 cpe:/a:apache:tomcat:7.0.3
Apache Tomcat 7.0.4 cpe:/a:apache:tomcat:7.0.4
Apache Tomcat 7.0.4 cpe:/a:apache:tomcat:7.0.4:beta
Apache Tomcat 7.0.5 cpe:/a:apache:tomcat:7.0.5
Apache Tomcat 7.0.5 cpe:/a:apache:tomcat:7.0.5:beta
Apache Tomcat 7.0.6 cpe:/a:apache:tomcat:7.0.6
Apache Tomcat 7.0.7 cpe:/a:apache:tomcat:7.0.7
Apache Tomcat 7.0.8 cpe:/a:apache:tomcat:7.0.8
Apache Tomcat 7.0.9 cpe:/a:apache:tomcat:7.0.9
Apache Tomcat 7.0.10 cpe:/a:apache:tomcat:7.0.10
Apache Tomcat 7.0.11 cpe:/a:apache:tomcat:7.0.11
Apache Tomcat 7.0.12 cpe:/a:apache:tomcat:7.0.12
Apache Tomcat 7.0.13 cpe:/a:apache:tomcat:7.0.13
Apache Tomcat 7.0.14 cpe:/a:apache:tomcat:7.0.14
Apache Tomcat 7.0.15 cpe:/a:apache:tomcat:7.0.15
Apache Tomcat 7.0.16 cpe:/a:apache:tomcat:7.0.16
Apache Tomcat 7.0.17 cpe:/a:apache:tomcat:7.0.17
Apache Tomcat 7.0.18 cpe:/a:apache:tomcat:7.0.18
Apache Tomcat 7.0.19 cpe:/a:apache:tomcat:7.0.19
Apache Tomcat 7.0.20 cpe:/a:apache:tomcat:7.0.20
Apache Tomcat 7.0.21 cpe:/a:apache:tomcat:7.0.21
Apache Tomcat 7.0.22 cpe:/a:apache:tomcat:7.0.22
Apache Tomcat 7.0.23 cpe:/a:apache:tomcat:7.0.23
Apache Tomcat 7.0.24 cpe:/a:apache:tomcat:7.0.24
Apache Tomcat 7.0.25 cpe:/a:apache:tomcat:7.0.25
Apache Tomcat 7.0.26 cpe:/a:apache:tomcat:7.0.26
Apache Tomcat 7.0.27 cpe:/a:apache:tomcat:7.0.27
Apache Tomcat 7.0.28 cpe:/a:apache:tomcat:7.0.28
Apache Tomcat 7.0.29 cpe:/a:apache:tomcat:7.0.29
Apache Tomcat 7.0.30 cpe:/a:apache:tomcat:7.0.30
Apache Tomcat 7.0.31 cpe:/a:apache:tomcat:7.0.31
Apache Tomcat 7.0.32 cpe:/a:apache:tomcat:7.0.32
Apache Tomcat 7.0.33 cpe:/a:apache:tomcat:7.0.33
Apache Tomcat 7.0.34 cpe:/a:apache:tomcat:7.0.34
Apache Tomcat 7.0.35 cpe:/a:apache:tomcat:7.0.35
Apache Tomcat 7.0.36 cpe:/a:apache:tomcat:7.0.36
Apache Tomcat 7.0.37 cpe:/a:apache:tomcat:7.0.37
Apache Tomcat 7.0.38 cpe:/a:apache:tomcat:7.0.38
Apache Tomcat 7.0.39 cpe:/a:apache:tomcat:7.0.39
Apache Tomcat 7.0.40 cpe:/a:apache:tomcat:7.0.40
Apache Tomcat 7.0.41 cpe:/a:apache:tomcat:7.0.41
Apache Tomcat 7.0.42 cpe:/a:apache:tomcat:7.0.42
Apache Tomcat 7.0.43 cpe:/a:apache:tomcat:7.0.43
Apache Tomcat 7.0.44 cpe:/a:apache:tomcat:7.0.44
Apache Tomcat 7.0.45 cpe:/a:apache:tomcat:7.0.45
Apache Tomcat 7.0.46 cpe:/a:apache:tomcat:7.0.46
Apache Tomcat 7.0.47 cpe:/a:apache:tomcat:7.0.47
Apache Tomcat 7.0.48 cpe:/a:apache:tomcat:7.0.48
Apache Tomcat 7.0.49 cpe:/a:apache:tomcat:7.0.49
Apache Tomcat 7.0.50 cpe:/a:apache:tomcat:7.0.50
Apache Tomcat 7.0.51 cpe:/a:apache:tomcat:7.0.51
Apache Tomcat 7.0.54 cpe:/a:apache:tomcat:7.0.54
Apache Tomcat 7.0.55 cpe:/a:apache:tomcat:7.0.55
Apache Tomcat 7.0.56 cpe:/a:apache:tomcat:7.0.56
Apache Tomcat 7.0.57 cpe:/a:apache:tomcat:7.0.57
Apache Tomcat 7.0.58 cpe:/a:apache:tomcat:7.0.58
Apache Tomcat 7.0.59 cpe:/a:apache:tomcat:7.0.59
Apache Tomcat 7.0.60 cpe:/a:apache:tomcat:7.0.60
Apache Tomcat 7.0.61 cpe:/a:apache:tomcat:7.0.61
Apache Tomcat 7.0.62 cpe:/a:apache:tomcat:7.0.62
Apache Tomcat 7.0.63 cpe:/a:apache:tomcat:7.0.63
Apache Tomcat 7.0.64 cpe:/a:apache:tomcat:7.0.64
Apache Tomcat 7.0.65 cpe:/a:apache:tomcat:7.0.65
Apache Tomcat 7.0.66 cpe:/a:apache:tomcat:7.0.66
Apache Tomcat 7.0.67 cpe:/a:apache:tomcat:7.0.67
Apache Tomcat 7.0.68 cpe:/a:apache:tomcat:7.0.68
Apache Tomcat 7.0.69 cpe:/a:apache:tomcat:7.0.69
Apache Tomcat 7.0.70 cpe:/a:apache:tomcat:7.0.70
Apache Tomcat 7.0.71 cpe:/a:apache:tomcat:7.0.71
Apache Tomcat 7.0.72 cpe:/a:apache:tomcat:7.0.72
Apache Tomcat 7.0.73 cpe:/a:apache:tomcat:7.0.73
Apache Tomcat 7.0.74 cpe:/a:apache:tomcat:7.0.74
Apache Tomcat 7.0.75 cpe:/a:apache:tomcat:7.0.75
Apache Tomcat 7.0.76 cpe:/a:apache:tomcat:7.0.76
Apache Tomcat 7.0.77 cpe:/a:apache:tomcat:7.0.77
Apache Tomcat 7.0.79 cpe:/a:apache:tomcat:7.0.79
Apache Tomcat 7.0.80 cpe:/a:apache:tomcat:7.0.80
Apache Tomcat 7.0.81 cpe:/a:apache:tomcat:7.0.81
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc1
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc10
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc2
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc5
Apache Tomcat 8.0.1 cpe:/a:apache:tomcat:8.0.1
Apache Tomcat 8.0.2 cpe:/a:apache:tomcat:8.0.2
Apache Tomcat 8.0.4 cpe:/a:apache:tomcat:8.0.4
Apache Tomcat 8.0.6 cpe:/a:apache:tomcat:8.0.6
Apache Tomcat 8.0.7 cpe:/a:apache:tomcat:8.0.7
Apache Tomcat 8.0.9 cpe:/a:apache:tomcat:8.0.9
Apache Tomcat 8.0.10 cpe:/a:apache:tomcat:8.0.10
Apache Tomcat 8.0.11 cpe:/a:apache:tomcat:8.0.11
Apache Tomcat 8.0.12 cpe:/a:apache:tomcat:8.0.12
Apache Tomcat 8.0.13 cpe:/a:apache:tomcat:8.0.13
Apache Tomcat 8.0.14 cpe:/a:apache:tomcat:8.0.14
Apache Tomcat 8.0.15 cpe:/a:apache:tomcat:8.0.15
Apache Tomcat 8.0.16 cpe:/a:apache:tomcat:8.0.16
Apache Tomcat 8.0.17 cpe:/a:apache:tomcat:8.0.17
Apache Tomcat 8.0.18 cpe:/a:apache:tomcat:8.0.18
Apache Tomcat 8.0.19 cpe:/a:apache:tomcat:8.0.19
Apache Tomcat 8.0.20 cpe:/a:apache:tomcat:8.0.20
Apache Tomcat 8.0.21 cpe:/a:apache:tomcat:8.0.21
Apache Tomcat 8.0.22 cpe:/a:apache:tomcat:8.0.22
Apache Tomcat 8.0.23 cpe:/a:apache:tomcat:8.0.23
Apache Tomcat 8.0.24 cpe:/a:apache:tomcat:8.0.24
Apache Tomcat 8.0.25 cpe:/a:apache:tomcat:8.0.25
Apache Tomcat 8.0.26 cpe:/a:apache:tomcat:8.0.26
Apache Tomcat 8.0.27 cpe:/a:apache:tomcat:8.0.27
Apache Tomcat 8.0.28 cpe:/a:apache:tomcat:8.0.28
Apache Tomcat 8.0.29 cpe:/a:apache:tomcat:8.0.29
Apache Tomcat 8.0.30 cpe:/a:apache:tomcat:8.0.30
Apache Tomcat 8.0.31 cpe:/a:apache:tomcat:8.0.31
Apache Tomcat 8.0.32 cpe:/a:apache:tomcat:8.0.32
Apache Tomcat 8.0.33 cpe:/a:apache:tomcat:8.0.33
Apache Tomcat 8.0.34 cpe:/a:apache:tomcat:8.0.34
Apache Tomcat 8.0.35 cpe:/a:apache:tomcat:8.0.35
Apache Tomcat 8.0.36 cpe:/a:apache:tomcat:8.0.36
Apache Tomcat 8.0.37 cpe:/a:apache:tomcat:8.0.37
Apache Tomcat 8.0.38 cpe:/a:apache:tomcat:8.0.38
Apache Tomcat 8.0.39 cpe:/a:apache:tomcat:8.0.39
Apache Tomcat 8.0.40 cpe:/a:apache:tomcat:8.0.40
Apache Tomcat 8.0.41 cpe:/a:apache:tomcat:8.0.41
Apache Tomcat 8.0.42 cpe:/a:apache:tomcat:8.0.42
Apache Tomcat 8.0.43 cpe:/a:apache:tomcat:8.0.43
Apache Tomcat 8.5.0 cpe:/a:apache:tomcat:8.5.0
Apache Tomcat 8.5.1 cpe:/a:apache:tomcat:8.5.1
Apache Tomcat 8.5.2 cpe:/a:apache:tomcat:8.5.2
Apache Tomcat 8.5.3 cpe:/a:apache:tomcat:8.5.3
Apache Tomcat 8.5.4 cpe:/a:apache:tomcat:8.5.4
Apache Tomcat 8.5.5 cpe:/a:apache:tomcat:8.5.5
Apache Tomcat 8.5.6 cpe:/a:apache:tomcat:8.5.6
Apache Tomcat 8.5.7 cpe:/a:apache:tomcat:8.5.7
Apache Tomcat 8.5.8 cpe:/a:apache:tomcat:8.5.8
Apache Tomcat 8.5.9 cpe:/a:apache:tomcat:8.5.9
Apache Tomcat 8.5.10 cpe:/a:apache:tomcat:8.5.10
Apache Tomcat 8.5.11 cpe:/a:apache:tomcat:8.5.11
Apache Tomcat 8.5.12 cpe:/a:apache:tomcat:8.5.12
Apache Tomcat 8.5.13 cpe:/a:apache:tomcat:8.5.13
Apache Tomcat 8.5.14 cpe:/a:apache:tomcat:8.5.14
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m1
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m10
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m11
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m12
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m13
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m14
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m15
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m16
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m17
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m18
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m19
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m2
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m20
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m21
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m22
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m23
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m24
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m25
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m26
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m27
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m3
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m4
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m5
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m6
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m7
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m8
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m9
Redhat Jboss Enterprise Web Server 3.0.0 cpe:/a:redhat:jboss_enterprise_web_server:3.0.0
Debian Debian Linux 7.0 cpe:/o:debian:debian_linux:7.0
Apache Tomcat 7.0.78 cpe:/a:apache:tomcat:7.0.78
Apache Tomcat 7.0.82 cpe:/a:apache:tomcat:7.0.82
Apache Tomcat 7.0.83 cpe:/a:apache:tomcat:7.0.83
Apache Tomcat 7.0.84 cpe:/a:apache:tomcat:7.0.84
Apache Tomcat 8.0.44 cpe:/a:apache:tomcat:8.0.44
Apache Tomcat 8.0.47 cpe:/a:apache:tomcat:8.0.47
Apache Tomcat 8.0.48 cpe:/a:apache:tomcat:8.0.48
Apache Tomcat 8.0.49 cpe:/a:apache:tomcat:8.0.49
Apache Tomcat 8.5.15 cpe:/a:apache:tomcat:8.5.15
Apache Tomcat 8.5.23 cpe:/a:apache:tomcat:8.5.23
Apache Tomcat 8.5.24 cpe:/a:apache:tomcat:8.5.24
Apache Tomcat 8.5.27 cpe:/a:apache:tomcat:8.5.27
Apache Tomcat 9.0.1 cpe:/a:apache:tomcat:9.0.1
Apache Tomcat 9.0.2 cpe:/a:apache:tomcat:9.0.2
Apache Tomcat 9.0.3 cpe:/a:apache:tomcat:9.0.3
Apache Tomcat 9.0.4 cpe:/a:apache:tomcat:9.0.4
  1. Debian (1) Search CVE
    1. Debian Linux (3) Search CVE
      1. 8.0
      2. 9.0
      3. 7.0
  2. Oracle (4) Search CVE
    1. Fusion Middleware (1) Search CVE
      1. 12.2.1.3.0
    2. Micros Relate Crm Software (1) Search CVE
      1. 11.4
    3. Hospitality Guest Access (2) Search CVE
      1. 4.2.0
      2. 4.2.1
    4. Secure Global Desktop (2) Search CVE
      1. 5.3
      2. 5.4
  3. Apache (1) Search CVE
    1. Tomcat (168) Search CVE
      1. 7.0.52
      2. 7.0.53
      3. 8.0.3
      4. 8.0.5
      5. 8.0.8
      6. 8.0.45
      7. 8.0.46
      8. 8.5.16
      9. 8.5.17
      10. 8.5.18
      11. 8.5.19
      12. 8.5.20
      13. 8.5.21
      14. 8.5.22
      15. 8.5.25
      16. 8.5.26
      17. 7.0.0
      18. 7.0.1
      19. 7.0.2
      20. 7.0.3
      21. 7.0.4
      22. 7.0.5
      23. 7.0.6
      24. 7.0.7
      25. 7.0.8
      26. 7.0.9
      27. 7.0.10
      28. 7.0.11
      29. 7.0.12
      30. 7.0.13
      31. 7.0.14
      32. 7.0.15
      33. 7.0.16
      34. 7.0.17
      35. 7.0.18
      36. 7.0.19
      37. 7.0.20
      38. 7.0.21
      39. 7.0.22
      40. 7.0.23
      41. 7.0.24
      42. 7.0.25
      43. 7.0.26
      44. 7.0.27
      45. 7.0.28
      46. 7.0.29
      47. 7.0.30
      48. 7.0.31
      49. 7.0.32
      50. 7.0.33
      51. 7.0.34
      52. 7.0.35
      53. 7.0.36
      54. 7.0.37
      55. 7.0.38
      56. 7.0.39
      57. 7.0.40
      58. 7.0.41
      59. 7.0.42
      60. 7.0.43
      61. 7.0.44
      62. 7.0.45
      63. 7.0.46
      64. 7.0.47
      65. 7.0.48
      66. 7.0.49
      67. 7.0.50
      68. 7.0.51
      69. 7.0.54
      70. 7.0.55
      71. 7.0.56
      72. 7.0.57
      73. 7.0.58
      74. 7.0.59
      75. 7.0.60
      76. 7.0.61
      77. 7.0.62
      78. 7.0.63
      79. 7.0.64
      80. 7.0.65
      81. 7.0.66
      82. 7.0.67
      83. 7.0.68
      84. 7.0.69
      85. 7.0.70
      86. 7.0.71
      87. 7.0.72
      88. 7.0.73
      89. 7.0.74
      90. 7.0.75
      91. 7.0.76
      92. 7.0.77
      93. 7.0.79
      94. 7.0.80
      95. 7.0.81
      96. 8.0.0
      97. 8.0.1
      98. 8.0.2
      99. 8.0.4
      100. 8.0.6
      101. 8.0.7
      102. 8.0.9
      103. 8.0.10
      104. 8.0.11
      105. 8.0.12
      106. 8.0.13
      107. 8.0.14
      108. 8.0.15
      109. 8.0.16
      110. 8.0.17
      111. 8.0.18
      112. 8.0.19
      113. 8.0.20
      114. 8.0.21
      115. 8.0.22
      116. 8.0.23
      117. 8.0.24
      118. 8.0.25
      119. 8.0.26
      120. 8.0.27
      121. 8.0.28
      122. 8.0.29
      123. 8.0.30
      124. 8.0.31
      125. 8.0.32
      126. 8.0.33
      127. 8.0.34
      128. 8.0.35
      129. 8.0.36
      130. 8.0.37
      131. 8.0.38
      132. 8.0.39
      133. 8.0.40
      134. 8.0.41
      135. 8.0.42
      136. 8.0.43
      137. 8.5.0
      138. 8.5.1
      139. 8.5.2
      140. 8.5.3
      141. 8.5.4
      142. 8.5.5
      143. 8.5.6
      144. 8.5.7
      145. 8.5.8
      146. 8.5.9
      147. 8.5.10
      148. 8.5.11
      149. 8.5.12
      150. 8.5.13
      151. 8.5.14
      152. 9.0.0
      153. 7.0.78
      154. 7.0.82
      155. 7.0.83
      156. 7.0.84
      157. 8.0.44
      158. 8.0.47
      159. 8.0.48
      160. 8.0.49
      161. 8.5.15
      162. 8.5.23
      163. 8.5.24
      164. 8.5.27
      165. 9.0.1
      166. 9.0.2
      167. 9.0.3
      168. 9.0.4
  4. Canonical (1) Search CVE
    1. Ubuntu Linux (4) Search CVE
      1. 14.04
      2. 16.04
      3. 17.10
      4. 18.04
  5. Redhat (3) Search CVE
    1. Jboss Enterprise Application Platform (2) Search CVE
      1. 6
      2. 6.4
    2. Jboss Enterprise Web Server (1) Search CVE
      1. 3.0.0
    3. Jboss Middleware (1) Search CVE
      1. 1

CWE

ID Name Description Links
CWE-254 Security Features Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management. CVE

References

Source Link
MISC https://lists.apache.org/thread.html/b1d7e2425d6fd2cebed40d318f9365b44546077e10949b01b1f8a0fb@%3Cannounce.tomcat.apache.org%3E
BID http://www.securityfocus.com/bid/103170
SECTRACK http://www.securitytracker.com/id/1040427
MLIST https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
REDHAT https://access.redhat.com/errata/RHSA-2018:0465
REDHAT https://access.redhat.com/errata/RHSA-2018:0466
REDHAT https://access.redhat.com/errata/RHSA-2018:1320
REDHAT https://access.redhat.com/errata/RHSA-2018:1447
REDHAT https://access.redhat.com/errata/RHSA-2018:1451
REDHAT https://access.redhat.com/errata/RHSA-2018:1450
REDHAT https://access.redhat.com/errata/RHSA-2018:1449
REDHAT https://access.redhat.com/errata/RHSA-2018:1448
UBUNTU https://usn.ubuntu.com/3665-1/
MLIST https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
CONFIRM https://security.netapp.com/advisory/ntap-20180706-0001/
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
MLIST https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
DEBIAN https://www.debian.org/security/2018/dsa-4281
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
REDHAT https://access.redhat.com/errata/RHSA-2018:2939
MLIST https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
MISC https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

History of changes

Date Event
2019-05-10 18:16
2019-04-23 19:31
2019-04-15 16:31
2019-03-25 11:35
2019-03-21 16:00
2018-10-18 10:29
2018-10-17 01:31
2018-08-29 10:29
2018-07-31 01:29
2018-07-19 01:29
2018-07-08 01:29
2018-06-29 01:29
2018-06-01 01:29
2018-05-17 01:29
2018-05-05 01:29
2018-03-26 17:19
2018-03-09 02:29
2018-03-08 02:29
2018-03-02 02:29
2018-02-28 20:29

New CVE