Several security issues were fixed in Tomcat ...
Several issues were discovered in the Tomcat servlet and JSP
engine They could lead to unauthorized access to protected resources,
denial-of-service, or information leak
For the stable distribution (stretch), these problems have been fixed in
version 8514-1+deb9u3
We recommend that you upgrade your tomcat8 packages
For the detailed security s ...
Synopsis
Moderate: tomcat security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syst ...
Synopsis
Moderate: Red Hat JBoss Web Server 31 Service Pack 6 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Web Server 31 for RHEL 6 and Red Hat JBoss Web Server 31 for RHEL 7Red Hat Product Security has rated this release as hav ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 6422 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 64 for Red Hat Enterprise Linux 5Red Hat Product Security has rated this update as having a s ...
Synopsis
Moderate: Red Hat JBoss Web Server 50 Service Pack 2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Web Server 50 for RHEL 6 and Red Hat JBoss Web Server 50 for RHEL 7Red Hat Product Security has rated this release as hav ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 6422 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 64 for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a s ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 6422 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 64 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a s ...
Synopsis
Important: pki-deps:106 security update
Type/Severity
Security Advisory: Important
Topic
An update for the pki-deps:106 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sy ...
Synopsis
Moderate: Red Hat JBoss Web Server 31 Service Pack 6 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Web Server 31Red Hat Product Security has rated this release as having a security impactof Moderate A Common Vulnerabilit ...
Synopsis
Important: Red Hat Fuse 750 security update
Type/Severity
Security Advisory: Important
Topic
A minor version update (from 74 to 75) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security h ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 6422 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 64Red Hat Product Security has rated this update as having a security impact of Moderate A C ...
Synopsis
Moderate: Red Hat JBoss Web Server 50 Service Pack 2 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Web Server 50 for RHEL 6 and Red Hat JBoss Web Server 50 for RHEL 7Red Hat Product Security has rated this release as hav ...
The host name verification when using TLS with the WebSocket client was missing It is now enabled by default Versions Affected: Apache Tomcat 900M1 to 909, 850 to 8531, 800RC1 to 8052, and 7035 to 7088 (CVE-2018-8034)
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Ap ...
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration Therefore, it is expected that most users will not be impacted ...
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration Therefore, it is expected that most users will not be impacted ...
The host name verification when using TLS with the WebSocket client was missing It is now enabled by default Versions Affected: Apache Tomcat 900M1 to 909, 850 to 8531, 800RC1 to 8052, and 7035 to 7088 ...