Lucene search
GoogleOSV:DSA-3428-1HistoryDec 18, 2015 - 12:00 a.m.
tomcat8 - security update
2015-12-1800:00:00
Google
osv.dev
10
0.003 Low
EPSS
Percentile
69.3%
It was discovered that malicious web applications could use the
Expression Language to bypass protections of a Security Manager as
expressions were evaluated within a privileged code section.
For the stable distribution (jessie), this problem has been fixed in
version 8.0.14-1+deb8u1.
For the testing distribution (stretch), this problem has been fixed
in version 8.0.21-2.
For the unstable distribution (sid), this problem has been fixed in
version 8.0.21-2.
We recommend that you upgrade your tomcat8 packages.
References
Related
ibm
ibm
openvas
openvas
RedHat Update for tomcat6 RHSA-2016:0492-01
2016-03-23 00:00:00
Debian: Security Advisory (DSA-3428-1)
2015-12-17 00:00:00
CentOS Update for tomcat6 CESA-2016:0492 centos6
2016-03-24 00:00:00
ubuntucve
ubuntucve
CVE-2014-7810
2015-06-07 00:00:00
nessus
nessus
Scientific Linux Security Update : tomcat6 on SL6.x i386/x86_64 (20160323)
2016-03-24 00:00:00
CentOS 6 : tomcat6 (CESA-2016:0492)
2016-03-24 00:00:00
Apache Tomcat 8.0.0-RC1 < 8.0.17
2015-05-21 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 8.0.17
2015-01-16 00:00:00
Fixed in Apache Tomcat 7.0.59
2015-02-04 00:00:00
Fixed in Apache Tomcat 6.0.44
2015-05-12 00:00:00
centos
centos
tomcat6 security update
2016-03-23 13:09:57
tomcat security update
2016-10-11 18:36:52
redhat
redhat
(RHSA-2016:0492) Moderate: tomcat6 security and bug fix update
2016-03-22 00:00:00
(RHSA-2016:22545) Moderate: tomcat6 security and bug fix update
2016-01-25 05:00:00
f5
f5
SOL38110373 - Apache Tomcat vulnerability CVE-2014-7810
2016-10-23 00:00:00
K38110373 : Apache Tomcat vulnerability CVE-2014-7810
2016-10-23 00:00:00
debiancve
debiancve
CVE-2014-7810
2015-06-07 23:59:00
cvelist
cvelist
CVE-2014-7810
2015-06-07 23:00:00
github
github
Improper Access Control in Apache Tomcat
2022-05-14 01:10:17
debian
debian
[SECURITY] [DSA 3428-1] tomcat8 security update
2015-12-18 21:13:53
[SECURITY] [DLA 232-1] tomcat6 security update
2015-05-28 19:25:54
[SECURITY] [DSA 3447-1] tomcat7 security update
2016-01-17 15:47:11
osv
osv
Improper Access Control in Apache Tomcat
2022-05-14 01:10:17
tomcat6 - security update
2015-05-28 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass
2015-05-17 00:00:00
Apache Tomcat security vulnerabilities
2015-05-17 00:00:00
cve
cve
CVE-2014-7810
2015-06-07 23:59:03
nvd
nvd
CVE-2014-7810
2015-06-07 23:59:03
oraclelinux
oraclelinux
tomcat6 security and bug fix update
2016-03-22 00:00:00
tomcat security update
2016-10-10 00:00:00
tomcat security, bug fix, and enhancement update
2016-11-09 00:00:00
prion
prion
Design/Logic Flaw
2015-06-07 23:59:00
veracode
veracode
SecurityManager Bypass
2019-01-15 09:10:45
amazon
amazon
Medium: tomcat6
2016-03-10 16:30:00
Medium: tomcat8
2016-03-10 16:30:00
Medium: tomcat7
2016-03-10 16:30:00
freebsd
freebsd
tomcat -- multiple vulnerabilities
2015-05-12 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2015-06-25 00:00:00
Tomcat vulnerabilities
2015-06-25 00:00:00
symantec
symantec
SA100 : Apache Tomcat Vulnerabilities
2015-07-23 08:00:00
oracle
oracle
CPU July 2018
2018-07-17 00:00:00