For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchtomcat-admin-webapps< 7.0.76-10.el7_6tomcat-admin-webapps-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-docs-webapp< 7.0.76-10.el7_6tomcat-docs-webapp-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-lib< 7.0.76-10.el7_6tomcat-lib-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-servlet-3.0-api< 7.0.76-10.el7_6tomcat-servlet-3.0-api-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-javadoc< 7.0.76-10.el7_6tomcat-javadoc-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-el-2.2-api< 7.0.76-10.el7_6tomcat-el-2.2-api-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat< 7.0.76-10.el7_6tomcat-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-jsvc< 7.0.76-10.el7_6tomcat-jsvc-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-webapps< 7.0.76-10.el7_6tomcat-webapps-7.0.76-10.el7_6.noarch.rpm
RedHat7noarchtomcat-jsp-2.2-api< 7.0.76-10.el7_6tomcat-jsp-2.2-api-7.0.76-10.el7_6.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	tomcat-admin-webapps	< 7.0.76-10.el7_6	tomcat-admin-webapps-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-docs-webapp	< 7.0.76-10.el7_6	tomcat-docs-webapp-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-lib	< 7.0.76-10.el7_6	tomcat-lib-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-servlet-3.0-api	< 7.0.76-10.el7_6	tomcat-servlet-3.0-api-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-javadoc	< 7.0.76-10.el7_6	tomcat-javadoc-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-el-2.2-api	< 7.0.76-10.el7_6	tomcat-el-2.2-api-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat	< 7.0.76-10.el7_6	tomcat-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-jsvc	< 7.0.76-10.el7_6	tomcat-jsvc-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-webapps	< 7.0.76-10.el7_6	tomcat-webapps-7.0.76-10.el7_6.noarch.rpm
RedHat	7	noarch	tomcat-jsp-2.2-api	< 7.0.76-10.el7_6	tomcat-jsp-2.2-api-7.0.76-10.el7_6.noarch.rpm

oraclelinux 2

fedora 3

veracode 1

ibm 7

openvas 29

osv 10

nessus 50

centos 2

ubuntucve 1

myhack58 1

threatpost 8

githubexploit 9

qualysblog 2

nvd 2

prion 2

redhat 15

cgr 1

huawei 1

debiancve 1

f5 1

cisa_kev 1

cvelist 2

rapid7blog 1

cve 2

github 1

trendmicroblog 1

redhatcve 2

attackerkb 2

checkpoint_advisories 1

amazon 3

tomcat 3

debian 4

kaspersky 1

mageia 1

suse 2

thn 2

photon 5

gentoo 1

atlassian 5

symantec 1

hackerone 1

trellix 2

ics 1

rocky 1

kitploit 1

oracle 3

oraclelinux

tomcat security update

2020-03-22 00:00:00

tomcat6 security update

2020-03-23 00:00:00

fedora

[SECURITY] Fedora 32 Update: tomcat-9.0.31-2.fc32

2020-03-31 00:18:31

[SECURITY] Fedora 30 Update: tomcat-9.0.31-2.fc30

2020-04-02 09:19:40

[SECURITY] Fedora 31 Update: tomcat-9.0.31-2.fc31

2020-04-02 09:56:06

veracode

Authentication Bypass

2020-02-25 05:53:16

ibm

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities.

2020-05-12 09:51:01

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Spectrum Protect Plus (CVE-2020-1938)

2020-06-12 20:32:51

Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (CVE-2020-1938)

2020-07-24 22:19:08

openvas

SUSE: Security Advisory (SUSE-SU-2020:14334-1)

2021-06-09 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:0725-1)

2021-04-19 00:00:00

CentOS: Security Advisory for tomcat (CESA-2020:0855)

2020-03-26 00:00:00

osv

CVE-2020-1938

2020-02-24 22:15:12

Improper Privilege Management in Tomcat

2020-06-15 18:51:21

BIT-tomcat-2020-1938

2024-03-06 11:11:29

nessus

NewStart CGSL CORE 5.04 / MAIN 5.04 : tomcat Vulnerability (NS-SA-2020-0038)

2020-09-07 00:00:00

EulerOS 2.0 SP5 : tomcat (EulerOS-SA-2020-1327)

2020-03-23 00:00:00

Scientific Linux Security Update : tomcat on SL7.x (noarch) (20200317)

2020-03-18 00:00:00

centos

tomcat6 security update

2020-03-25 19:21:34

tomcat security update

2020-03-25 19:05:03

ubuntucve

CVE-2020-1938

2020-02-24 00:00:00

myhack58

Apache Tomcat from file contains to RCE exploit the principle of in-depth analysis-vulnerability warning-the black bar safety net

2020-03-17 00:00:00

threatpost

Wordpress Yellow Pencil Plugin Flaws Actively Exploited

2019-04-12 14:13:06

Apache Tomcat Exploit Poised to Pounce, Stealing Files

2020-03-23 20:56:37

Weather Channel Knocked Off-Air in Dangerous Precedent

2019-04-18 20:21:21

githubexploit

Exploit for CVE-2020-1938

2021-08-14 17:32:51

Exploit for Improper Privilege Management in Apache Tomcat

2021-04-27 14:57:30

Exploit for Improper Privilege Management in Apache Tomcat

2020-11-14 13:55:58

qualysblog

Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys VMDR

2020-03-06 01:11:07

Detect Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys WAS

2020-03-10 22:09:59

nvd

CVE-2020-1938

2020-02-24 22:15:12

CVE-2020-10569

2020-04-21 19:15:12

prion

Default configuration

2020-02-24 22:15:00

Design/Logic Flaw

2020-04-21 19:15:00

redhat

(RHSA-2020:0855) Important: tomcat security update

2020-03-17 13:10:46

(RHSA-2020:1478) Important: Red Hat JBoss Enterprise Application Platform 6.4 security update

2020-04-14 20:43:24

(RHSA-2020:0912) Important: tomcat6 security update

2020-03-23 07:49:20

cgr

CVE-2020-1938 vulnerabilities

2024-05-19 03:07:16

huawei

Security Advisory - Apache Tomcat File Inclusion Vulnerability

2020-07-15 00:00:00

debiancve

CVE-2020-1938

2020-02-24 22:15:12

K53254186 : Apache Tomcat vulnerability CVE-2020-1938

2020-03-04 00:00:00

cisa_kev

Apache Tomcat Improper Privilege Management Vulnerability

2022-03-03 00:00:00

cvelist

CVE-2020-1938

2020-02-24 21:19:18

CVE-2020-10569

2020-04-21 19:01:37

rapid7blog

Metasploit Wrap-Up

2020-12-04 19:27:53

cve

CVE-2020-1938

2020-02-24 22:15:12

CVE-2020-10569

2020-04-21 19:15:12

github

Improper Privilege Management in Tomcat

2020-06-15 18:51:21

trendmicroblog

This Week in Security News: Operation Overtrap Targets Japanese Online Banking Users and Everything You Need to Know About Tax Scams

2020-03-13 12:40:26

redhatcve

CVE-2020-1938

2020-02-24 06:10:47

CVE-2020-1745

2020-02-26 04:10:51

attackerkb

CVE-2020-10569

2020-04-21 00:00:00

CVE-2020-1938

2020-02-24 00:00:00

checkpoint_advisories

Apache Tomcat AJP File Inclusion (CVE-2020-1938; CVE-2022-26377)

2020-02-25 00:00:00

amazon

Important: tomcat7

2020-03-09 19:20:00

Important: tomcat8

2020-03-09 19:21:00

Important: tomcat

2020-03-09 19:23:00

tomcat

Fixed in Apache Tomcat 9.0.31

2020-02-11 00:00:00

Fixed in Apache Tomcat 8.5.51

2020-02-11 00:00:00

Fixed in Apache Tomcat 7.0.100

2020-02-14 00:00:00

debian

[SECURITY] [DSA 4673-1] tomcat8 security update

2020-05-03 18:29:38

[SECURITY] [DLA 2133-1] tomcat7 security update

2020-03-04 18:14:50

[SECURITY] [DLA 2209-1] tomcat8 security update

2020-05-28 17:53:49

kaspersky

KLA11679 Multiple vulnerabilities in Apache Tomcat

2020-02-24 00:00:00

mageia

Updated tomcat packages fix security vulnerabilities

2020-03-10 22:04:50

suse

Security update for apache2 (important)

2020-05-02 00:00:00

Security update for tomcat (important)

2020-03-15 00:00:00

thn

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

2020-02-28 13:00:00

Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems

2021-07-09 07:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0285

2020-03-20 00:00:00

Critical Photon OS Security Update - PHSA-2020-0285

2020-03-09 00:00:00

Critical Photon OS Security Update - PHSA-2020-0218

2020-03-09 00:00:00

gentoo

Apache Tomcat: Multiple vulnerabilities

2020-03-19 00:00:00

atlassian

Upgrade Tomcat to version 8.5.75 - CVE-2020-9484/CVE-2022-23181

2022-01-27 13:24:58

Upgrade Tomcat to 8.5.50 to fix CVE-2019-17563 & CVE-2019-12418

2020-01-15 15:29:54

The version of Apache Tomcat included with Jira Server is affected by CVE-2020-1935, CVE-2020-1938, CVE-2019-17569

2020-04-30 09:04:13

symantec

Apache Tomcat Vulnerabilities Oct 2018 – Feb 2020

2020-05-12 19:02:01

hackerone

U.S. Dept Of Defense: Tomcat examples available for public, Disclosure Apache Tomcat version, Critical/High/Medium CVE

2020-05-14 19:38:44

trellix

Connected Healthcare: A Cybersecurity Battlefield We Must Win

2022-06-06 00:00:00

Connected Healthcare: A Cybersecurity Battlefield We Must Win

2022-06-06 00:00:00

ics

Philips Vue PACS (Update C)

2023-02-21 12:00:00

rocky

pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

2020-11-03 12:29:58

kitploit

Vulmap - Web Vulnerability Scanning And Verification Tools

2020-12-25 11:30:00

oracle

Oracle Critical Patch Update Advisory - January 2021

2021-01-19 00:00:00

Oracle Critical Patch Update Advisory - July 2020

2020-07-14 00:00:00

Oracle Critical Patch Update Advisory - October 2020

2020-10-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.974 High

EPSS

Percentile

99.9%

JSON

Related for RHSA-2020:2840