CVE-2018-8034 - The host name verification when using TLS with the WebSocket client was missing. It is now enabled b

CVE-2018-8034

Summary

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

References

Vulnerable Configurations

cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.78:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.78:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.79:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.79:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.80:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.80:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.81:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.81:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.82:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.82:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.83:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.83:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.84:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.84:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.85:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.85:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.86:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.86:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.87:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.87:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.88:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.88:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.48:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.48:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.49:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.49:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.50:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.50:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.51:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.51:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.52:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.52:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m18:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m18:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m19:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m19:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m20:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m20:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m21:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m21:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m22:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m22:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m23:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m23:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m24:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m24:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m25:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m25:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m26:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m26:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m27:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m27:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.9:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 14-05-2019 - 17:29)
Impact:
Exploitability:

CWE

CWE-295

CAPEC

Creating a Rogue Certification Authority Certificate
An adversary exploits a weakness in the MD5 hash algorithm (weak collision resistance) to generate a certificate signing request (CSR) that contains collision blocks in the "to be signed" part. The adversary specially crafts two different, but valid X.509 certificates that when hashed with the MD5 algorithm would yield the same value. The adversary then sends the CSR for one of the certificates to the Certification Authority which uses the MD5 hashing algorithm. That request is completely valid and the Certificate Authority issues an X.509 certificate to the adversary which is signed with its private key. An adversary then takes that signed blob and inserts it into another X.509 certificate that the attacker generated. Due to the MD5 collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority. To make the attack more interesting, the second certificate could be not just a regular certificate, but rather itself a signing certificate. Thus the adversary is able to start their own Certification Authority that is anchored in its root of trust in the legitimate Certification Authority that has signed the attackers' first X.509 certificate. If the original Certificate Authority was accepted by default by browsers, so will now the Certificate Authority set up by the adversary and of course any certificates that it signs. So the adversary is now able to generate any SSL certificates to impersonate any web server, and the user's browser will not issue any warning to the victim. This can be used to compromise HTTPS communications and other types of systems where PKI and X.509 certificates may be used (e.g., VPN, IPSec).

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

bugzilla

id	1607580
title	CVE-2018-8034 tomcat: Host name verification missing in WebSocket client

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment tomcat is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205001
comment tomcat is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686002

AND

comment tomcat-admin-webapps is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205003
comment tomcat-admin-webapps is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686004

AND

comment tomcat-docs-webapp is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205005
comment tomcat-docs-webapp is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686006

AND

comment tomcat-el-2.2-api is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205007
comment tomcat-el-2.2-api is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686008

AND

comment tomcat-javadoc is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205009
comment tomcat-javadoc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686010

AND

comment tomcat-jsp-2.2-api is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205011
comment tomcat-jsp-2.2-api is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686012

AND
comment tomcat-jsvc is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205013
comment tomcat-jsvc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686014
AND
comment tomcat-lib is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205015
comment tomcat-lib is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686016

AND

comment tomcat-servlet-3.0-api is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205017
comment tomcat-servlet-3.0-api is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686018

AND

comment tomcat-webapps is earlier than 0:7.0.76-9.el7
oval oval:com.redhat.rhsa:tst:20192205019
comment tomcat-webapps is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140686020

rhsa

id	RHSA-2019:2205
released	2019-08-06
severity	Moderate
title	RHSA-2019:2205: tomcat security, bug fix, and enhancement update (Moderate)

rhsa
id RHSA-2019:0130
rhsa
id RHSA-2019:0131
rhsa
id RHSA-2019:0450
rhsa
id RHSA-2019:0451
rhsa
id RHSA-2019:1159
rhsa
id RHSA-2019:1160
rhsa
id RHSA-2019:1161
rhsa
id RHSA-2019:1162
rhsa
id RHSA-2019:1529
rhsa
id RHSA-2019:3892

rpms

tomcat-native-0:1.2.17-18.redhat_18.ep7.el6
tomcat-native-0:1.2.17-18.redhat_18.ep7.el7
tomcat-native-debuginfo-0:1.2.17-18.redhat_18.ep7.el6
tomcat-native-debuginfo-0:1.2.17-18.redhat_18.ep7.el7
tomcat7-0:7.0.70-31.ep7.el6
tomcat7-0:7.0.70-31.ep7.el7
tomcat7-admin-webapps-0:7.0.70-31.ep7.el6
tomcat7-admin-webapps-0:7.0.70-31.ep7.el7
tomcat7-docs-webapp-0:7.0.70-31.ep7.el6
tomcat7-docs-webapp-0:7.0.70-31.ep7.el7
tomcat7-el-2.2-api-0:7.0.70-31.ep7.el6
tomcat7-el-2.2-api-0:7.0.70-31.ep7.el7
tomcat7-javadoc-0:7.0.70-31.ep7.el6
tomcat7-javadoc-0:7.0.70-31.ep7.el7
tomcat7-jsp-2.2-api-0:7.0.70-31.ep7.el6
tomcat7-jsp-2.2-api-0:7.0.70-31.ep7.el7
tomcat7-jsvc-0:7.0.70-31.ep7.el6
tomcat7-jsvc-0:7.0.70-31.ep7.el7
tomcat7-lib-0:7.0.70-31.ep7.el6
tomcat7-lib-0:7.0.70-31.ep7.el7
tomcat7-log4j-0:7.0.70-31.ep7.el6
tomcat7-log4j-0:7.0.70-31.ep7.el7
tomcat7-selinux-0:7.0.70-31.ep7.el6
tomcat7-selinux-0:7.0.70-31.ep7.el7
tomcat7-servlet-3.0-api-0:7.0.70-31.ep7.el6
tomcat7-servlet-3.0-api-0:7.0.70-31.ep7.el7
tomcat7-webapps-0:7.0.70-31.ep7.el6
tomcat7-webapps-0:7.0.70-31.ep7.el7
tomcat8-0:8.0.36-35.ep7.el6
tomcat8-0:8.0.36-35.ep7.el7
tomcat8-admin-webapps-0:8.0.36-35.ep7.el6
tomcat8-admin-webapps-0:8.0.36-35.ep7.el7
tomcat8-docs-webapp-0:8.0.36-35.ep7.el6
tomcat8-docs-webapp-0:8.0.36-35.ep7.el7
tomcat8-el-2.2-api-0:8.0.36-35.ep7.el6
tomcat8-el-2.2-api-0:8.0.36-35.ep7.el7
tomcat8-javadoc-0:8.0.36-35.ep7.el6
tomcat8-javadoc-0:8.0.36-35.ep7.el7
tomcat8-jsp-2.3-api-0:8.0.36-35.ep7.el6
tomcat8-jsp-2.3-api-0:8.0.36-35.ep7.el7
tomcat8-jsvc-0:8.0.36-35.ep7.el6
tomcat8-jsvc-0:8.0.36-35.ep7.el7
tomcat8-lib-0:8.0.36-35.ep7.el6
tomcat8-lib-0:8.0.36-35.ep7.el7
tomcat8-log4j-0:8.0.36-35.ep7.el6
tomcat8-log4j-0:8.0.36-35.ep7.el7
tomcat8-selinux-0:8.0.36-35.ep7.el6
tomcat8-selinux-0:8.0.36-35.ep7.el7
tomcat8-servlet-3.1-api-0:8.0.36-35.ep7.el6
tomcat8-servlet-3.1-api-0:8.0.36-35.ep7.el7
tomcat8-webapps-0:8.0.36-35.ep7.el6
tomcat8-webapps-0:8.0.36-35.ep7.el7
jws5-ecj-0:4.6.1-6.redhat_1.1.el6jws
jws5-ecj-0:4.6.1-6.redhat_1.1.el7jws
jws5-javapackages-tools-0:3.4.1-5.15.10.el6jws
jws5-javapackages-tools-0:3.4.1-5.15.10.el7jws
jws5-jboss-logging-0:3.3.1-5.Final_redhat_1.1.el6jws
jws5-jboss-logging-0:3.3.1-5.Final_redhat_1.1.el7jws
jws5-mod_cluster-0:1.4.0-9.Final_redhat_1.1.el6jws
jws5-mod_cluster-0:1.4.0-9.Final_redhat_1.1.el7jws
jws5-mod_cluster-tomcat-0:1.4.0-9.Final_redhat_1.1.el6jws
jws5-mod_cluster-tomcat-0:1.4.0-9.Final_redhat_1.1.el7jws
jws5-python-javapackages-0:3.4.1-5.15.10.el6jws
jws5-python-javapackages-0:3.4.1-5.15.10.el7jws
jws5-tomcat-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-admin-webapps-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-admin-webapps-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-docs-webapp-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-docs-webapp-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-el-3.0-api-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-el-3.0-api-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-javadoc-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-javadoc-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-jsp-2.3-api-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-jsp-2.3-api-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-jsvc-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-jsvc-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-lib-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-lib-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-native-0:1.2.17-26.redhat_26.el6jws
jws5-tomcat-native-0:1.2.17-26.redhat_26.el7jws
jws5-tomcat-native-debuginfo-0:1.2.17-26.redhat_26.el6jws
jws5-tomcat-native-debuginfo-0:1.2.17-26.redhat_26.el7jws
jws5-tomcat-selinux-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-selinux-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-servlet-4.0-api-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-servlet-4.0-api-0:9.0.7-17.redhat_16.1.el7jws
jws5-tomcat-vault-0:1.1.7-5.Final_redhat_2.1.el6jws
jws5-tomcat-vault-0:1.1.7-5.Final_redhat_2.1.el7jws
jws5-tomcat-vault-javadoc-0:1.1.7-5.Final_redhat_2.1.el6jws
jws5-tomcat-vault-javadoc-0:1.1.7-5.Final_redhat_2.1.el7jws
jws5-tomcat-webapps-0:9.0.7-17.redhat_16.1.el6jws
jws5-tomcat-webapps-0:9.0.7-17.redhat_16.1.el7jws
apache-cxf-0:2.7.18-8.SP7_redhat_1.1.ep6.el5
dom4j-eap6-0:1.6.1-22.redhat_9.1.ep6.el5
hornetq-0:2.3.25-28.SP29_redhat_1.1.ep6.el5
ironjacamar-common-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-common-impl-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-common-spi-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-core-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-core-impl-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-deployers-common-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-jdbc-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-spec-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
ironjacamar-validator-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5
jboss-as-appclient-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-cli-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-client-all-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-clustering-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-cmp-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-connector-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-console-0:2.5.19-1.Final_redhat_1.1.ep6.el5
jboss-as-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-controller-client-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-core-security-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-deployment-repository-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-deployment-scanner-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-domain-http-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-domain-management-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-ee-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-ee-deployment-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-ejb3-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-embedded-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-host-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jacorb-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jaxr-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jaxrs-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jdr-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jpa-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jsf-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-jsr77-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-logging-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-mail-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-management-client-content-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-messaging-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-modcluster-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-naming-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-network-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-osgi-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-osgi-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-osgi-service-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-picketlink-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-platform-mbean-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-pojo-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-process-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-protocol-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-remoting-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-sar-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-security-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-server-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-system-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-threads-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-transactions-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-version-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-web-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-webservices-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-weld-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-as-xts-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jboss-hal-0:2.5.19-1.Final_redhat_1.1.ep6.el5
jboss-remote-naming-0:1.0.15-1.Final_redhat_1.1.ep6.el5
jbossas-appclient-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossas-bundles-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossas-core-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossas-domain-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossas-javadocs-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jbossas-modules-eap-0:7.5.22-1.Final_redhat_1.1.ep6.el5
jbossas-product-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossas-standalone-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossas-welcome-content-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el5
jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el5
resteasy-0:2.3.23-1.Final_redhat_1.1.ep6.el5
apache-cxf-0:2.7.18-8.SP7_redhat_1.1.ep6.el6
dom4j-eap6-0:1.6.1-22.redhat_9.1.ep6.el6
hornetq-0:2.3.25-28.SP29_redhat_1.1.ep6.el6
ironjacamar-common-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-common-impl-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-common-spi-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-core-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-core-impl-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-deployers-common-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-jdbc-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-spec-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
ironjacamar-validator-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6
jboss-as-appclient-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-cli-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-client-all-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-clustering-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-cmp-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-connector-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-console-0:2.5.19-1.Final_redhat_1.1.ep6.el6
jboss-as-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-controller-client-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-core-security-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-deployment-repository-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-deployment-scanner-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-domain-http-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-domain-management-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-ee-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-ee-deployment-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-ejb3-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-embedded-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-host-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jacorb-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jaxr-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jaxrs-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jdr-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jpa-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jsf-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-jsr77-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-logging-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-mail-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-management-client-content-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-messaging-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-modcluster-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-naming-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-network-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-osgi-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-osgi-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-osgi-service-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-picketlink-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-platform-mbean-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-pojo-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-process-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-protocol-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-remoting-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-sar-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-security-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-server-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-system-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-threads-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-transactions-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-version-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-web-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-webservices-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-weld-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-as-xts-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jboss-hal-0:2.5.19-1.Final_redhat_1.1.ep6.el6
jboss-remote-naming-0:1.0.15-1.Final_redhat_1.1.ep6.el6
jbossas-appclient-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossas-bundles-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossas-core-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossas-domain-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossas-javadocs-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jbossas-modules-eap-0:7.5.22-1.Final_redhat_1.1.ep6.el6
jbossas-product-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossas-standalone-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossas-welcome-content-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el6
jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el6
resteasy-0:2.3.23-1.Final_redhat_1.1.ep6.el6
apache-cxf-0:2.7.18-8.SP7_redhat_1.1.ep6.el7
dom4j-eap6-0:1.6.1-22.redhat_9.1.ep6.el7
hornetq-0:2.3.25-28.SP29_redhat_1.1.ep6.el7
ironjacamar-common-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-common-impl-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-common-spi-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-core-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-core-impl-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-deployers-common-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-jdbc-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-spec-api-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
ironjacamar-validator-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7
jboss-as-appclient-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-cli-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-client-all-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-clustering-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-cmp-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-connector-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-console-0:2.5.19-1.Final_redhat_1.1.ep6.el7
jboss-as-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-controller-client-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-core-security-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-deployment-repository-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-deployment-scanner-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-domain-http-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-domain-management-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-ee-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-ee-deployment-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-ejb3-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-embedded-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-host-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jacorb-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jaxr-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jaxrs-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jdr-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jpa-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jsf-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-jsr77-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-logging-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-mail-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-management-client-content-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-messaging-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-modcluster-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-naming-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-network-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-osgi-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-osgi-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-osgi-service-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-picketlink-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-platform-mbean-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-pojo-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-process-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-protocol-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-remoting-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-sar-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-security-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-server-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-system-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-threads-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-transactions-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-version-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-web-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-webservices-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-weld-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-as-xts-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jboss-hal-0:2.5.19-1.Final_redhat_1.1.ep6.el7
jboss-remote-naming-0:1.0.15-1.Final_redhat_1.1.ep6.el7
jbossas-appclient-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossas-bundles-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossas-core-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossas-domain-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossas-javadocs-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jbossas-modules-eap-0:7.5.22-1.Final_redhat_1.1.ep6.el7
jbossas-product-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossas-standalone-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossas-welcome-content-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el7
jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el7
resteasy-0:2.3.23-1.Final_redhat_1.1.ep6.el7
apache-commons-collections-0:3.2.2-10.module+el8.0.0+3248+9d514f3b
apache-commons-lang-0:2.6-21.module+el8.0.0+3248+9d514f3b
bea-stax-api-0:1.2.0-16.module+el8.0.0+3248+9d514f3b
glassfish-fastinfoset-0:1.2.13-9.module+el8.0.0+3248+9d514f3b
glassfish-jaxb-api-0:2.2.12-8.module+el8.0.0+3248+9d514f3b
glassfish-jaxb-core-0:2.2.11-11.module+el8.0.0+3248+9d514f3b
glassfish-jaxb-runtime-0:2.2.11-11.module+el8.0.0+3248+9d514f3b
glassfish-jaxb-txw2-0:2.2.11-11.module+el8.0.0+3248+9d514f3b
jackson-annotations-0:2.9.8-1.module+el8.0.0+3248+9d514f3b
jackson-core-0:2.9.8-1.module+el8.0.0+3248+9d514f3b
jackson-databind-0:2.9.8-1.module+el8.0.0+3248+9d514f3b
jackson-jaxrs-json-provider-0:2.9.8-1.module+el8.0.0+3248+9d514f3b
jackson-jaxrs-providers-0:2.9.8-1.module+el8.0.0+3248+9d514f3b
jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.0.0+3248+9d514f3b
jakarta-commons-httpclient-1:3.1-28.module+el8.0.0+3248+9d514f3b
javassist-0:3.18.1-8.module+el8.0.0+3248+9d514f3b
javassist-javadoc-0:3.18.1-8.module+el8.0.0+3248+9d514f3b
pki-servlet-4.0-api-1:9.0.7-14.module+el8.0.0+3248+9d514f3b
pki-servlet-container-1:9.0.7-14.module+el8.0.0+3248+9d514f3b
python-nss-debugsource-0:1.0.1-10.module+el8.0.0+3248+9d514f3b
python-nss-doc-0:1.0.1-10.module+el8.0.0+3248+9d514f3b
python3-nss-0:1.0.1-10.module+el8.0.0+3248+9d514f3b
python3-nss-debuginfo-0:1.0.1-10.module+el8.0.0+3248+9d514f3b
relaxngDatatype-0:2011.1-7.module+el8.0.0+3248+9d514f3b
resteasy-0:3.0.26-3.module+el8.0.0+3248+9d514f3b
slf4j-0:1.7.25-4.module+el8.0.0+3248+9d514f3b
slf4j-jdk14-0:1.7.25-4.module+el8.0.0+3248+9d514f3b
stax-ex-0:1.7.7-8.module+el8.0.0+3248+9d514f3b
velocity-0:1.7-24.module+el8.0.0+3248+9d514f3b
xalan-j2-0:2.7.1-38.module+el8.0.0+3248+9d514f3b
xerces-j2-0:2.11.0-34.module+el8.0.0+3248+9d514f3b
xml-commons-apis-0:1.4.01-25.module+el8.0.0+3248+9d514f3b
xml-commons-resolver-0:1.2-26.module+el8.0.0+3248+9d514f3b
xmlstreambuffer-0:1.5.4-8.module+el8.0.0+3248+9d514f3b
xsom-0:0-19.20110809svn.module+el8.0.0+3248+9d514f3b
tomcat-0:7.0.76-9.el7
tomcat-admin-webapps-0:7.0.76-9.el7
tomcat-docs-webapp-0:7.0.76-9.el7
tomcat-el-2.2-api-0:7.0.76-9.el7
tomcat-javadoc-0:7.0.76-9.el7
tomcat-jsp-2.2-api-0:7.0.76-9.el7
tomcat-jsvc-0:7.0.76-9.el7
tomcat-lib-0:7.0.76-9.el7
tomcat-servlet-3.0-api-0:7.0.76-9.el7
tomcat-webapps-0:7.0.76-9.el7

refmap via4

bid	104895
confirm	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://security.netapp.com/advisory/ntap-20180817-0001/
debian	DSA-4281
misc	https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
mlist	[activemq-issues] 20190723 [jira] [Created] (AMQ-7249) Security Vulnerabilities in the ActiveMQ dependent jars. [debian-lts-announce] 20180730 [SECURITY] [DLA 1453-1] tomcat7 security update [debian-lts-announce] 20180902 [SECURITY] [DLA 1491-1] tomcat8 security update [tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ [tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ [tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ [tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ [tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ [tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ [tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/ [tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/ [tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/ [tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/ [tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/ [www-announce] 20180722 [SECURITY] CVE-2018-8034 Apache Tomcat - Security Constraint Bypass
sectrack	1041374
ubuntu	USN-3723-1

Last major update

14-05-2019 - 17:29

Published

01-08-2018 - 18:29

Last modified

14-05-2019 - 17:29