Lucene search

PRIOn knowledge basePRION:CVE-2018-1336

HistoryAug 02, 2018 - 2:29 p.m.

Design/Logic Flaw

2018-08-0214:29:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

CPENameOperatorVersion
tomcateq8.0.0 rc6
tomcateq8.0.0 rc9
tomcateq8.0.0 rc7
tomcateq8.0.0 rc3
tomcateq8.0.0 rc2
tomcateq8.0.0 rc1
tomcateq8.0.0 rc8
tomcateq8.0.0 rc10
tomcateq8.0.0 rc5
tomcateq8.0.0 rc4

Name	Operator	Version
tomcat	eq	8.0.0 rc6
tomcat	eq	8.0.0 rc9
tomcat	eq	8.0.0 rc7
tomcat	eq	8.0.0 rc3
tomcat	eq	8.0.0 rc2
tomcat	eq	8.0.0 rc1
tomcat	eq	8.0.0 rc8
tomcat	eq	8.0.0 rc10
tomcat	eq	8.0.0 rc5
tomcat	eq	8.0.0 rc4

Rows per page:

1-10 of 481

References

mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E

www.securityfocus.com/bid/104898

www.securitytracker.com/id/1041375

access.redhat.com/errata/RHEA-2018:2188

access.redhat.com/errata/RHEA-2018:2189

access.redhat.com/errata/RHSA-2018:2700

access.redhat.com/errata/RHSA-2018:2701

access.redhat.com/errata/RHSA-2018:2740

access.redhat.com/errata/RHSA-2018:2741

access.redhat.com/errata/RHSA-2018:2742

access.redhat.com/errata/RHSA-2018:2743

access.redhat.com/errata/RHSA-2018:2921

access.redhat.com/errata/RHSA-2018:2930

access.redhat.com/errata/RHSA-2018:2939

access.redhat.com/errata/RHSA-2018:2945

access.redhat.com/errata/RHSA-2018:3768

lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E

lists.debian.org/debian-lts-announce/2018/09/msg00001.html

security.netapp.com/advisory/ntap-20180817-0001/

support.f5.com/csp/article/K73008537?utm_source=f5support&amp%3Butm_medium=RSS

usn.ubuntu.com/3723-1/

www.debian.org/security/2018/dsa-4281

www.oracle.com/security-alerts/cpuapr2020.html