Package details: pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7?arch=el6
purl pkg:rpm/redhat/tomcat-native@1.2.8-11.redhat_11.ep7?arch=el6
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-2sbh-sy57-3uez
Aliases:
CVE-2018-1304
GHSA-6rxj-58jh-436r
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.
There are no reported fixed by versions.
VCID-c4jv-ws83-x7g2
Aliases:
CVE-2017-12616
GHSA-8qq4-8jvq-mfw4
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
There are no reported fixed by versions.
VCID-fjxn-svsf-gqdx
Aliases:
CVE-2017-15698
security update
There are no reported fixed by versions.
VCID-g7bk-891a-uufy
Aliases:
CVE-2018-1305
GHSA-jx6h-3fjx-cgv5
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
There are no reported fixed by versions.
VCID-jdxe-krj9-8kax
Aliases:
CVE-2017-12613
apr: Out-of-bounds array deref in apr_time_exp*() functions
There are no reported fixed by versions.
VCID-q6hm-mmfs-zka5
Aliases:
CVE-2017-12615
GHSA-pjfr-qf3p-3q25
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
There are no reported fixed by versions.
VCID-vdnj-sqmx-e3ep
Aliases:
CVE-2017-12617
GHSA-xjgh-84hx-56c5
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T14:28:43.276360+00:00 RedHat Importer Affected by VCID-c4jv-ws83-x7g2 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12616.json 38.0.0
2026-04-01T14:28:42.927771+00:00 RedHat Importer Affected by VCID-q6hm-mmfs-zka5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12615.json 38.0.0
2026-04-01T14:28:36.562779+00:00 RedHat Importer Affected by VCID-vdnj-sqmx-e3ep https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12617.json 38.0.0
2026-04-01T14:27:17.910429+00:00 RedHat Importer Affected by VCID-jdxe-krj9-8kax https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12613.json 38.0.0
2026-04-01T14:26:27.418360+00:00 RedHat Importer Affected by VCID-2sbh-sy57-3uez https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1304.json 38.0.0
2026-04-01T14:26:26.327907+00:00 RedHat Importer Affected by VCID-fjxn-svsf-gqdx https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15698.json 38.0.0
2026-04-01T14:26:02.723589+00:00 RedHat Importer Affected by VCID-g7bk-891a-uufy https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json 38.0.0