Search for packages
Package details: pkg:deb/ubuntu/tomcat8@8.5.30-1ubuntu1.2
purl pkg:deb/ubuntu/tomcat8@8.5.30-1ubuntu1.2
Next non-vulnerable version 8.5.39-1ubuntu1~18.04.3
Latest non-vulnerable version 8.5.39-1ubuntu1~18.04.3
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-2nrx-8urf-aaaf
Aliases:
CVE-2019-0221
GHSA-jjpq-gp5q-8q6w
Cross-site scripting in Apache Tomcat
8.5.39-1ubuntu1~18.04.3
Affected by 0 other vulnerabilities.
VCID-7c2n-n9ga-aaar
Aliases:
CVE-2018-8034
GHSA-46j3-r4pj-4835
The host name verification missing in Apache Tomcat
8.5.39-1ubuntu1~18.04.1
Affected by 2 other vulnerabilities.
VCID-7qs4-bekd-aaab
Aliases:
CVE-2018-11784
GHSA-5q99-f34m-67gc
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core
8.5.39-1ubuntu1~18.04.1
Affected by 2 other vulnerabilities.
VCID-983g-2nuz-aaaa
Aliases:
CVE-2019-10072
GHSA-q4hg-rmq2-52q9
Improper Locking in Apache Tomcat
8.5.39-1ubuntu1~18.04.3
Affected by 0 other vulnerabilities.
VCID-b2z1-15m4-aaac
Aliases:
CVE-2018-1336
GHSA-m59c-jpc8-m2x4
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder
8.5.39-1ubuntu1~18.04.1
Affected by 2 other vulnerabilities.
VCID-h3d2-7evg-aaac
Aliases:
CVE-2018-8037
GHSA-6v52-mj5r-7j2m
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core
8.5.39-1ubuntu1~18.04.1
Affected by 2 other vulnerabilities.
VCID-zxmb-hhr6-aaap
Aliases:
CVE-2019-0199
GHSA-qcxh-w3j9-58qr
Denial of Service in Tomcat
8.5.39-1ubuntu1~18.04.1
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-cp4z-y57s-aaah The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins CVE-2018-8014
GHSA-r4x2-3cq5-hqvp

Date Actor Action Vulnerability Source VulnerableCode Version