Red Hat Security Advisory 2019-2205-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies.
f96edb5fc14ab2e42f8e92f288425a6036cbaf041f5349ff45e21fa23565b6f1
1Password versions prior to 7.0 suffer from a denial of service vulnerability.
ef142489adece1b1e6f31f1812ddee20236f26a770e4f0a467699df795f8c7da
Yeswiki Cercopitheque suffers from a remote SQL injection vulnerability.
2191ee618f205f47d949b3798efa5fd260cfb4e592d66b79ca96cc83ced25bff
Red Hat Security Advisory 2018-2939-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix: jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries spring-framework: Address partial fix for CVE-2018-1270 Issues addressed include bypass, code execution, denial of service, and traversal vulnerabilities.
df886e50a83354eaf0614cdf4bb930a04577e8f124f9e750b2d4ca2e9e06e04e
Debian Linux Security Advisory 4281-1 - Several issues were discovered in the Tomcat servlet and JSP engine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.
604c5094b1c4bc66945081a57708d07c2e803518e043a3487002861f782bc32c
Ubuntu Security Notice 3704-1 - It was discovered that devscripts incorrectly handled certain YAML files. An attacker could possibly use this to execute arbitrary code.
a16655925322ab5e126d0d9869ac6db0dfac77a986cb37a44b5f0fe6bcf64e0c
Ubuntu Security Notice 3665-1 - It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that Tomcat contained incorrect documentation regarding description of the search algorithm used by the CGI Servlet to identify which script to execute. This issue only affected Ubuntu 17.10. Various other issues were also addressed.
adc3401f4c6099499fc7f32dd5cfa60804e4fe107e205fa1ebecec9060700bf5
Red Hat Security Advisory 2018-1448-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
3c0c1ca65d59c2c4e54c42628e2675bc4b0c3a29236da3e884ab31d478a28679
Red Hat Security Advisory 2018-1449-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
f070e28e8e82699624cb25ee0c2660f74d5f3385a6584e52ebfcc2f6d8983c73
Red Hat Security Advisory 2018-1447-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
bafa2c4701c1956e519818e15b5819d0d12df2733c02541185a265d7a4fd8c69
Red Hat Security Advisory 2018-1451-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19. Issues addressed include code execution and traversal vulnerabilities.
071f79f013467ccb6e777f227def5d0666e250099e79aecdeacde603e7f87b14
Red Hat Security Advisory 2018-1450-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
df4e2952c8fb6dd18bda14d8ee9ce25b96718185533685523d56a0e9fd70c167
Red Hat Security Advisory 2018-1320-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.12 serves as a replacement for RHOAR Spring Boot 1.5.10, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a traversal vulnerability.
dda23c55eb322f14c521610d328717d78eddc9f5c5d9cbcd1faa007d32bb490f
Red Hat Security Advisory 2018-0465-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Multiple security issues have been addressed.
fc2ac908d0bafcba8906caa1a1fcfa1bcf09381311da134d34b27b4e2a339c72
Red Hat Security Advisory 2018-0466-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Multiple security issues have been addressed.
68179df4be23fc5ae853a6269f702f02d3b88b7dda20c7e7f949e30659effdff