SuseOPENSUSE-SU-2020:1102-1

HistoryJul 27, 2020 - 12:00 a.m.

Security update for tomcat (important)

2020-07-2700:00:00

lists.opensuse.org

0.912 High

EPSS

Percentile

98.9%

JSON

An update that fixes two vulnerabilities is now available.

Description:

This update for tomcat fixes the following issues:

Fixed CVEs:
- CVE-2020-13934 (bsc#1174121)
- CVE-2020-13935 (bsc#1174117)

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1102=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1noarch< - openSUSE Leap 15.1 (noarch):- openSUSE Leap 15.1 (noarch):.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	15.1	noarch		< - openSUSE Leap 15.1 (noarch):	- openSUSE Leap 15.1 (noarch):.noarch.rpm

nessus

Photon OS 3.0: Apache PHSA-2020-3.0-0116

2020-07-21 00:00:00

Apache Tomcat 8.5.0 < 8.5.57 multiple vulnerabilities

2020-07-17 00:00:00

openSUSE Security Update : tomcat (openSUSE-2020-1102)

2020-07-28 00:00:00

photon

Important Photon OS Security Update - PHSA-2020-0116

2020-07-20 00:00:00

Important Photon OS Security Update - PHSA-2020-3.0-0116

2020-07-20 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0309

2020-07-25 00:00:00

openvas

openSUSE: Security Advisory for tomcat (openSUSE-SU-2020:1111-1)

2020-07-30 00:00:00

Apache Tomcat Multiple DoS Vulnerabilities (Jul 2020) - Linux

2020-07-17 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:2037-1)

2021-04-19 00:00:00

cisa

Apache Releases Security Advisories for Apache Tomcat

2020-07-14 00:00:00

tomcat

Fixed in Apache Tomcat 9.0.37

2020-07-05 00:00:00

Fixed in Apache Tomcat 8.5.57

2020-07-05 00:00:00

Fixed in Apache Tomcat 10.0.0-M7

2020-07-05 00:00:00

redhat

(RHSA-2020:3308) Important: Red Hat JBoss Web Server 5.3.2 security update

2020-08-04 11:35:57

(RHSA-2020:3306) Important: Red Hat JBoss Web Server 5.3.2 security update

2020-08-04 11:21:34

(RHSA-2020:3806) Important: Red Hat support for Spring Boot 2.2.6.SP2 security update

2020-09-23 16:23:17

debian

[SECURITY] [DLA 2286-1] tomcat8 security update

2020-07-22 16:39:36

[SECURITY] [DSA 4627-1] tomcat9 security update

2020-07-17 18:07:40

suse

Security update for tomcat (important)

2020-07-29 00:00:00

kaspersky

KLA12083 DoS vulnerabilities in Apache Tomcat

2020-07-05 00:00:00

KLA12084 DoS vulnerability in Apache Tomcat

2020-07-07 00:00:00

osv

tomcat8 - security update

2020-07-22 00:00:00

tomcat9 - security update

2020-07-17 00:00:00

tomcat9 vulnerabilities

2020-10-21 13:55:35

amazon

Important: tomcat8

2020-07-27 23:58:00

Important: tomcat

2023-05-11 17:49:00

mageia

Updated tomcat packages fix security vulnerability

2020-08-18 21:47:25

freebsd

Apache Tomcat -- Multiple Vulnerabilities

2020-07-05 00:00:00

ibm

Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM Platform Symphony

2020-08-17 09:36:06

Security Bulletin: App Connect Professional is affected by Apache Tomcat vulnerabilities.

2020-10-07 13:46:30

Security Bulletin: IBM UrbanCode Release is affected by CVE-2020-13935

2022-01-25 07:37:12

ubuntu

Tomcat vulnerabilities

2020-10-21 00:00:00

Tomcat vulnerabilities

2020-08-04 00:00:00

atlassian

Upgrade the bundled version of Apache Tomcat to 8.5.57

2020-07-17 15:19:11

Upgrade the bundled version of Apache Tomcat to 8.5.57

2020-07-17 15:19:11

Upgrade Tomcat to version 9.0.37

2020-06-29 13:40:00

prion

Design/Logic Flaw

2020-07-14 15:15:00

Denial of service

2020-07-14 15:15:00

Design/Logic Flaw

2020-09-09 14:15:00

cvelist

CVE-2020-13934

2020-07-14 14:59:11

CVE-2020-13935

2020-07-14 15:00:21

CVE-2020-14384

2020-09-09 13:17:28

cve

CVE-2020-13934

2020-07-14 15:15:11

CVE-2020-13935

2020-07-14 15:15:11

CVE-2020-14384

2020-09-09 14:15:12

ubuntucve

CVE-2020-13934

2020-07-14 00:00:00

CVE-2020-13935

2020-07-14 00:00:00

K38573130 : Apache Tomcat vulnerability CVE-2020-13934

2020-08-13 00:00:00

K45026834 : Apache Tomcat vulnerability CVE-2020-13935

2020-08-27 00:00:00

veracode

Denial Of Service (DoS)

2020-07-15 07:48:04

Denial Of Service (DoS)

2020-07-15 08:18:40

Denial-of-Service (DoS)

2020-09-15 01:53:24

nvd

CVE-2020-13934

2020-07-14 15:15:11

CVE-2020-13935

2020-07-14 15:15:11

CVE-2020-14384

2020-09-09 14:15:12

redhatcve

CVE-2020-13934

2020-07-15 06:08:06

CVE-2020-13935

2020-07-15 06:37:38

CVE-2024-24549

2024-03-14 21:40:09

debiancve

CVE-2020-13934

2020-07-14 15:15:11

CVE-2020-13935

2020-07-14 15:15:11

githubexploit

Exploit for Infinite Loop in Apache Tomcat

2020-11-02 14:48:55

github

Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

2022-02-08 22:05:00

Infinite Loop in Apache Tomcat

2022-02-08 22:05:17

centos

tomcat security update

2020-10-20 19:04:26

symantec

Apache Tomcat Vulnerabilities May 2020 - Mar 2021

2021-03-16 19:59:07

oraclelinux

tomcat security and bug fix update

2020-10-06 00:00:00

checkpoint_advisories

Web Servers Memory Corruption Attempt (CVE-2020-12000; CVE-2020-13934; CVE-2020-3239; CVE-2020-9490)

2020-12-28 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2021

2021-01-19 00:00:00

Oracle Critical Patch Update Advisory - July 2021

2021-07-20 00:00:00

Oracle Critical Patch Update Advisory - April 2021

2021-04-20 00:00:00