The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review the Apache security advisories for CVE-2018-8037 and CVE-2018-1336 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E

mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E

nessus 39

atlassian 1

thn 1

openvas 20

suse 2

amazon 3

debiancve 2

prion 2

cvelist 2

f5 2

veracode 3

photon 3

osv 11

cve 2

symantec 2

github 2

debian 3

fedora 2

redhatcve 2

ubuntucve 2

nvd 2

oraclelinux 2

tomcat 6

redhat 14

kaspersky 2

centos 1

ibm 2

ubuntu 2

almalinux 1

rocky 1

mageia 1

oracle 3

nessus

Photon OS 2.0: Apache PHSA-2018-2.0-0116

2024-07-23 00:00:00

Amazon Linux AMI : tomcat8 (ALAS-2018-1056)

2018-08-10 00:00:00

openSUSE Security Update : tomcat (openSUSE-2019-770)

2019-03-27 00:00:00

atlassian

Upgrade to Tomcat 8.5.32 necessary

2018-08-01 09:33:53

thn

Apache Tomcat Patches Important Security Vulnerabilities

2018-07-24 11:36:00

openvas

SUSE: Security Advisory (SUSE-SU-2018:3011-1)

2021-06-09 00:00:00

openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:3054-1)

2018-10-26 00:00:00

openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:2740-1)

2018-09-18 00:00:00

suse

Security update for tomcat (moderate)

2018-10-06 18:10:05

Security update for tomcat (moderate)

2018-09-17 12:12:40

amazon

Important: tomcat8

2018-08-09 16:12:00

Important: tomcat

2018-11-07 22:12:00

Important: tomcat7, tomcat80

2018-08-09 16:10:00

debiancve

CVE-2018-8037

2018-08-02 14:29:00

CVE-2018-1336

2018-08-02 14:29:00

prion

Race condition

2018-08-02 14:29:00

Design/Logic Flaw

2018-08-02 14:29:00

cvelist

CVE-2018-8037

2018-08-02 14:00:00

CVE-2018-1336

2018-08-02 14:00:00

K98776835 : Apache Tomcat vulnerability - CVE-2018-8037

2018-09-05 00:00:00

K73008537 : Apache Tomcat vulnerability CVE-2018-1336

2018-09-10 00:00:00

veracode

Information Disclosure

2018-07-23 06:35:16

Denial Of Service (DoS)

2019-01-15 09:26:11

Denial Of Service (DoS)

2018-07-23 09:10:43

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0116

2018-12-26 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0202

2019-01-03 00:00:00

Critical Photon OS Security Update - PHSA-2019-0202

2019-01-03 00:00:00

osv

tomcat8 - security update

2018-08-29 00:00:00

Apache Tomcat Race Condition vulnerability

2018-10-17 16:33:02

CVE-2018-8037

2018-08-02 14:29:00

cve

CVE-2018-8037

2018-08-02 14:29:00

CVE-2018-1336

2018-08-02 14:29:00

symantec

Apache Tomcat CVE-2018-8037 Information Disclosure Vulnerability

2018-07-22 00:00:00

Apache Tomcat Vulnerabilities Jan-Aug 2018

2018-10-11 08:01:01

github

Apache Tomcat Race Condition vulnerability

2018-10-17 16:33:02

In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder

2018-10-17 16:32:18

debian

[SECURITY] [DSA 4281-1] tomcat8 security update

2018-08-29 06:29:28

[SECURITY] [DSA 4281-1] tomcat8 security update

2018-08-29 06:29:28

[SECURITY] [DLA 1491-1] tomcat8 security update

2018-09-02 20:26:25

fedora

[SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28

2019-04-03 02:02:31

[SECURITY] Fedora 28 Update: tomcat-8.5.32-1.fc28

2018-08-30 04:57:26

redhatcve

CVE-2018-8037

2018-07-23 19:49:22

CVE-2018-1336

2019-11-02 22:29:19

ubuntucve

CVE-2018-8037

2018-08-02 00:00:00

CVE-2018-1336

2018-07-24 00:00:00

nvd

CVE-2018-8037

2018-08-02 14:29:00

CVE-2018-1336

2018-08-02 14:29:00

oraclelinux

tomcat security update

2018-10-16 00:00:00

pki-deps:10.6 security update

2019-07-30 00:00:00

tomcat

Fixed in Apache Tomcat 8.0.52

2018-05-08 00:00:00

Fixed in Apache Tomcat 7.0.88

2018-05-16 00:00:00

Fixed in Apache Tomcat 9.0.8

2018-05-03 00:00:00

redhat

(RHSA-2018:2921) Important: tomcat security update

2018-10-16 07:50:23

(RHSA-2018:2945) Important: Red Hat OpenShift Application Runtimes Spring Boot 1.5.16 update

2018-10-18 07:14:00

(RHSA-2018:2701) Important: Red Hat JBoss Web Server 3.1.0 Service Pack 5 security and bug fix update

2018-09-12 17:02:47

kaspersky

KLA11597 DoS vulnerability in Apache Tomcat

2018-05-03 00:00:00

KLA11297 Multiple vulnerabilities in Apache Tomcat

2018-07-22 00:00:00

centos

tomcat security update

2018-10-16 16:57:41

ibm

Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to publicly disclosed vulnerability. (CVE-2018-8034, CVE-2018-8037)

2018-12-03 14:05:01

Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities

2022-04-01 16:38:26

ubuntu

Tomcat vulnerabilities

2018-07-25 00:00:00

Apache Tomcat 7 vulnerabilities

2021-03-15 00:00:00

almalinux

Important: pki-deps:10.6 security update

2019-06-18 16:36:21

rocky

pki-deps:10.6 security update

2019-06-18 16:36:21

mageia

Updated tomcat packages fix security vulnerabilities

2018-12-10 00:20:39

oracle

Oracle Critical Patch Update Advisory - April 2020

2020-04-14 00:00:00

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update - October 2018

2018-12-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.021

Percentile

89.2%

JSON

Related for CISA:AABBB290C931260D111ACB58BDE998AA