VulnerableCode Package Details - pkg:deb/ubuntu/tomcat8@8.5.39-1ubuntu1~18.04.1

Search for packages

Package details: pkg:deb/ubuntu/tomcat8@8.5.39-1ubuntu1~18.04.1

Essentials
History (0)

purl	pkg:deb/ubuntu/tomcat8@8.5.39-1ubuntu1~18.04.1

Next non-vulnerable version	8.5.39-1ubuntu1~18.04.3
Latest non-vulnerable version	8.5.39-1ubuntu1~18.04.3
Risk	10.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-2nrx-8urf-aaaf Aliases: CVE-2019-0221 GHSA-jjpq-gp5q-8q6w	Cross-site scripting in Apache Tomcat	8.5.39-1ubuntu1~18.04.3 Affected by 0 other vulnerabilities.
VCID-983g-2nuz-aaaa Aliases: CVE-2019-10072 GHSA-q4hg-rmq2-52q9	Improper Locking in Apache Tomcat	8.5.39-1ubuntu1~18.04.3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (5)

Vulnerability	Summary	Aliases
VCID-7c2n-n9ga-aaar	The host name verification missing in Apache Tomcat	CVE-2018-8034 GHSA-46j3-r4pj-4835
VCID-7qs4-bekd-aaab	Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core	CVE-2018-11784 GHSA-5q99-f34m-67gc
VCID-b2z1-15m4-aaac	In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder	CVE-2018-1336 GHSA-m59c-jpc8-m2x4
VCID-h3d2-7evg-aaac	Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core	CVE-2018-8037 GHSA-6v52-mj5r-7j2m
VCID-zxmb-hhr6-aaap	Denial of Service in Tomcat	CVE-2019-0199 GHSA-qcxh-w3j9-58qr

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version