Lucene search

K

Veracode Vulnerability DatabaseVERACODE:3871

HistoryApr 11, 2017 - 2:17 a.m.

Information Disclosure

2017-04-1102:17:12

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

0.004 Low

EPSS

Percentile

72.2%

Tomcat is vulnerable to information disclosure. The library does not use the appropriate facade object when making calls to certain application listeners. This allows an untrusted application to retain a reference to the object and access or modify the associated information.

CPENameOperatorVersion
tomcat-catalinale7.0.75
tomcat-catalinale9.0.0.M17
tomcat-catalinale8.5.11
tomcat-catalinale8.0.41
tomcat-embed-corele7.0.75
tomcat-embed-corele9.0.0.M17
tomcat-embed-corele8.5.11
tomcat-embed-corele8.0.41
tomcat8eq8.0.18__25_patch_00.ep7.el6
tomcat8eq8.0.18__62_patch_01.ep7.el6

Rows per page:

1-10 of 691

References

seclists.org/bugtraq/2017/Apr/37

svn.apache.org/viewvc?view=revision&revision=1785774

tomcat.apache.org/security-9.html

www.debian.org/security/2017/dsa-3842

www.debian.org/security/2017/dsa-3843

www.openwall.com/lists/oss-security/2020/07/20/8

www.securityfocus.com/bid/97530

www.securitytracker.com/id/1038220

access.redhat.com/errata/RHSA-2017:1801

access.redhat.com/errata/RHSA-2017:1802

access.redhat.com/errata/RHSA-2017:1809

bz.apache.org/bugzilla/show_bug.cgi?id=60718

lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E

lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

security.gentoo.org/glsa/201705-09

security.netapp.com/advisory/ntap-20180614-0001/

0.004 Low

EPSS

Percentile

72.2%

Related for VERACODE:3871

ubuntucve1 debiancve1 osv5 nessus21 f51 tomcat4 cve1 openvas19 nvd1 ibm12 redhatcve1 prion1 cvelist1 github1 amazon2 debian5 mageia1 centos1 redhat3 oraclelinux1 suse4 cisa1 ubuntu1 fedora3 symantec1 atlassian2 gentoo1