Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2014-7810
Vulnerability from cvelistv5
Published
2015-06-07 23:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:03:26.984Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:0492", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { name: "USN-2654-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2654-1", }, { name: "RHSA-2015:1622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { name: "DSA-3530", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3530", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-7.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { name: "HPSBUX03561", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { name: "RHSA-2016:2046", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-8.html", }, { name: "DSA-3428", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3428", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-6.html", }, { name: "74665", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74665", }, { name: "1032330", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032330", }, { name: "USN-2655-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2655-1", }, { name: "RHSA-2015:1621", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { name: "DSA-3447", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3447", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-14T00:00:00", descriptions: [ { lang: "en", value: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-13T16:10:04", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:0492", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { name: "USN-2654-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2654-1", }, { name: "RHSA-2015:1622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { name: "DSA-3530", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3530", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-7.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { name: "HPSBUX03561", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { name: "RHSA-2016:2046", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-8.html", }, { name: "DSA-3428", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3428", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-6.html", }, { name: "74665", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74665", }, { name: "1032330", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032330", }, { name: "USN-2655-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2655-1", }, { name: "RHSA-2015:1621", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { name: "DSA-3447", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3447", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-7810", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:0492", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { name: "USN-2654-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2654-1", }, { name: "RHSA-2015:1622", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1644018", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { name: "DSA-3530", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3530", }, { name: "http://tomcat.apache.org/security-7.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-7.html", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1645642", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { name: "HPSBUX03561", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { name: "RHSA-2016:2046", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { name: "http://tomcat.apache.org/security-8.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-8.html", }, { name: "DSA-3428", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3428", }, { name: "http://tomcat.apache.org/security-6.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-6.html", }, { name: "74665", refsource: "BID", url: "http://www.securityfocus.com/bid/74665", }, { name: "1032330", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032330", }, { name: "USN-2655-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2655-1", }, { name: "RHSA-2015:1621", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { name: "DSA-3447", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3447", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-7810", datePublished: "2015-06-07T23:00:00", dateReserved: "2014-10-03T00:00:00", dateUpdated: "2024-08-06T13:03:26.984Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E3C039-A949-4F1B-892A-57147EECB249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F28C7801-41B9-4552-BA1E-577967BCBBEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25B21085-7259-4685-9D1F-FF98E6489E10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"635EE321-2A1F-4FF8-95BE-0C26591969D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"06217215-72E4-4478-BACB-628A0836A645\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11951A10-39A2-4FF5-8C43-DF94730FB794\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B79F2EA-C893-4359-80EC-24AE38D982E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B6B0504-27C1-4824-A928-A878CBBAB32D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D903956B-14F5-4177-AF12-0A5F1846D3C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A61429EE-4331-430C-9830-58DCCBCBCB58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4945C8C1-C71B-448B-9075-07C6C92599CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8DE8A8A-7643-4292-BCC1-758AE0940207\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D87EFB6D-B626-469F-907C-40C771A55833\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F8C62EF-1B67-456A-9C66-755439CF8556\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"33E9607B-4D28-460D-896B-E4B7FA22441E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A819E245-D641-4F19-9139-6C940504F6E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"81A31CA0-A209-4C49-AA06-C38E165E5B68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7205475A-6D04-4042-B24E-1DA5A57029B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08022987-B36B-4F63-88A5-A8F59195DF4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AA563BF-A67A-477D-956A-167ABEF885C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF4B7557-EF35-451E-B55D-3296966695AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8980E61E-27BE-4858-82B3-C0E8128AF521\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8756BF9B-3E24-4677-87AE-31CE776541F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F194580-EE6D-4E38-87F3-F0661262256B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F74A421-D019-4248-84B8-C70D4D9A8A95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05346F5A-FB52-4376-AAC7-9A5308216545\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"305688F2-50A6-41FB-8614-BC589DB9A789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25966344-15D5-4101-9346-B06BFD2DFFF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D4F710E-06EA-48F4-AC6A-6F143950F015\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C4936C2-0B2D-4C44-98C3-443090965F5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48453405-2319-4327-9F4C-6F70B49452C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4670E65-2E11-49A4-B661-57C2F60D411F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31002A23-4788-4BC7-AE11-A3C2AA31716D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7144EDDF-8265-4642-8EEB-ED52527E0A26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D731065-626B-4425-8E49-F708DD457824\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3D850EA-E537-42C8-93B9-96E15CB26747\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D395D95B-1F4A-420E-A0F6-609360AF7B69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA8A7333-B4C3-4876-AE01-62F2FD315504\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92993E23-D805-407B-8B87-11CEEE8B212F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"595442D0-9DB7-475A-AE30-8535B70E122E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C947E549-2459-4AFB-84A7-36BDA30B5F29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7EF0518-73F9-47DB-8946-A8334936BEFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95AA8778-7833-4572-A71B-5FD89938CE94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4752862B-7D26-4285-B8A0-CF082C758353\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\", \"matchCriteriaId\": \"58EA7199-3373-4F97-9907-3A479A02155E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFF96F96-34DB-4EB3-BF59-11220673FA26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E008F8-2F01-4DD8-853A-337B4B4163C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"701424A2-BB06-44B5-B468-7164E4F95529\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E3C039-A949-4F1B-892A-57147EECB249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F28C7801-41B9-4552-BA1E-577967BCBBEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25B21085-7259-4685-9D1F-FF98E6489E10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"635EE321-2A1F-4FF8-95BE-0C26591969D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"06217215-72E4-4478-BACB-628A0836A645\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11951A10-39A2-4FF5-8C43-DF94730FB794\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B79F2EA-C893-4359-80EC-24AE38D982E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B6B0504-27C1-4824-A928-A878CBBAB32D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D903956B-14F5-4177-AF12-0A5F1846D3C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A61429EE-4331-430C-9830-58DCCBCBCB58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4945C8C1-C71B-448B-9075-07C6C92599CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8DE8A8A-7643-4292-BCC1-758AE0940207\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D87EFB6D-B626-469F-907C-40C771A55833\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F8C62EF-1B67-456A-9C66-755439CF8556\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"33E9607B-4D28-460D-896B-E4B7FA22441E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A819E245-D641-4F19-9139-6C940504F6E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"81A31CA0-A209-4C49-AA06-C38E165E5B68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7205475A-6D04-4042-B24E-1DA5A57029B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08022987-B36B-4F63-88A5-A8F59195DF4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AA563BF-A67A-477D-956A-167ABEF885C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF4B7557-EF35-451E-B55D-3296966695AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8980E61E-27BE-4858-82B3-C0E8128AF521\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8756BF9B-3E24-4677-87AE-31CE776541F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F194580-EE6D-4E38-87F3-F0661262256B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F74A421-D019-4248-84B8-C70D4D9A8A95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05346F5A-FB52-4376-AAC7-9A5308216545\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"305688F2-50A6-41FB-8614-BC589DB9A789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25966344-15D5-4101-9346-B06BFD2DFFF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D4F710E-06EA-48F4-AC6A-6F143950F015\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C4936C2-0B2D-4C44-98C3-443090965F5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48453405-2319-4327-9F4C-6F70B49452C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4670E65-2E11-49A4-B661-57C2F60D411F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31002A23-4788-4BC7-AE11-A3C2AA31716D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7144EDDF-8265-4642-8EEB-ED52527E0A26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D731065-626B-4425-8E49-F708DD457824\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3D850EA-E537-42C8-93B9-96E15CB26747\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D395D95B-1F4A-420E-A0F6-609360AF7B69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA8A7333-B4C3-4876-AE01-62F2FD315504\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92993E23-D805-407B-8B87-11CEEE8B212F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"595442D0-9DB7-475A-AE30-8535B70E122E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C947E549-2459-4AFB-84A7-36BDA30B5F29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7EF0518-73F9-47DB-8946-A8334936BEFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95AA8778-7833-4572-A71B-5FD89938CE94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4752862B-7D26-4285-B8A0-CF082C758353\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\", \"matchCriteriaId\": \"58EA7199-3373-4F97-9907-3A479A02155E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFF96F96-34DB-4EB3-BF59-11220673FA26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E008F8-2F01-4DD8-853A-337B4B4163C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"701424A2-BB06-44B5-B468-7164E4F95529\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FC82871-E47F-4431-AAE0-A714D7D22670\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n Expression Language (EL) en Apache Tomcat 6.x anterior a 6.0.44, 7.x anterior a 7.0.58, y 8.x anterior a 8.0.16 no considera correctamente la posibilidad de una interfaz accesible implementada por una clase no accesible, lo que permite a atacantes evadir un mecanismo de protecci\\u00f3n SecurityManager a trav\\u00e9s de una aplicaci\\u00f3n web que aprovecha el uso de privilegios incorrectos durante la evaluaci\\u00f3n EL.\"}]", id: "CVE-2014-7810", lastModified: "2024-11-21T02:18:03.213", metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2015-06-07T23:59:03.580", references: "[{\"url\": \"http://marc.info/?l=bugtraq&m=145974991225029&w=2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1621.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1622.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0492.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2046.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://svn.apache.org/viewvc?view=revision&revision=1644018\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://svn.apache.org/viewvc?view=revision&revision=1645642\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://tomcat.apache.org/security-6.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-7.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-8.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3428\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3447\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3530\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/74665\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securitytracker.com/id/1032330\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2654-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2655-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=145974991225029&w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1621.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1622.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0492.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2046.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://svn.apache.org/viewvc?view=revision&revision=1644018\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://svn.apache.org/viewvc?view=revision&revision=1645642\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://tomcat.apache.org/security-6.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-7.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-8.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3428\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3447\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3530\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/74665\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1032330\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2654-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2655-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2014-7810\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-06-07T23:59:03.580\",\"lastModified\":\"2024-11-21T02:18:03.213\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.\"},{\"lang\":\"es\",\"value\":\"La implementación Expression Language (EL) en Apache Tomcat 6.x anterior a 6.0.44, 7.x anterior a 7.0.58, y 8.x anterior a 8.0.16 no considera correctamente la posibilidad de una interfaz accesible implementada por una clase no accesible, lo que permite a atacantes evadir un mecanismo de protección SecurityManager a través de una aplicación web que aprovecha el uso de privilegios incorrectos durante la evaluación EL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DE8A8A-7643-4292-BCC1-758AE0940207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87EFB6D-B626-469F-907C-40C771A55833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7144EDDF-8265-4642-8EEB-ED52527E0A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D850EA-E537-42C8-93B9-96E15CB26747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D395D95B-1F4A-420E-A0F6-609360AF7B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA8A7333-B4C3-4876-AE01-62F2FD315504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92993E23-D805-407B-8B87-11CEEE8B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"595442D0-9DB7-475A-AE30-8535B70E122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C947E549-2459-4AFB-84A7-36BDA30B5F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF0518-73F9-47DB-8946-A8334936BEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95AA8778-7833-4572-A71B-5FD89938CE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4752862B-7D26-4285-B8A0-CF082C758353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EA7199-3373-4F97-9907-3A479A02155E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF96F96-34DB-4EB3-BF59-11220673FA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E008F8-2F01-4DD8-853A-337B4B4163C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"701424A2-BB06-44B5-B468-7164E4F95529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DE8A8A-7643-4292-BCC1-758AE0940207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87EFB6D-B626-469F-907C-40C771A55833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7144EDDF-8265-4642-8EEB-ED52527E0A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D850EA-E537-42C8-93B9-96E15CB26747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D395D95B-1F4A-420E-A0F6-609360AF7B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA8A7333-B4C3-4876-AE01-62F2FD315504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92993E23-D805-407B-8B87-11CEEE8B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"595442D0-9DB7-475A-AE30-8535B70E122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C947E549-2459-4AFB-84A7-36BDA30B5F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF0518-73F9-47DB-8946-A8334936BEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95AA8778-7833-4572-A71B-5FD89938CE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4752862B-7D26-4285-B8A0-CF082C758353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EA7199-3373-4F97-9907-3A479A02155E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF96F96-34DB-4EB3-BF59-11220673FA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E008F8-2F01-4DD8-853A-337B4B4163C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"701424A2-BB06-44B5-B468-7164E4F95529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC82871-E47F-4431-AAE0-A714D7D22670\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq&m=145974991225029&w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1621.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1622.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0492.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2046.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://svn.apache.org/viewvc?view=revision&revision=1644018\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision&revision=1645642\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-8.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3428\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3447\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3530\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/74665\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1032330\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2654-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2655-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq&m=145974991225029&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1621.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0492.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2046.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://svn.apache.org/viewvc?view=revision&revision=1644018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision&revision=1645642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-8.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/74665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2654-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2655-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
gsd-2014-7810
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
Aliases
Aliases
{ GSD: { alias: "CVE-2014-7810", description: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", id: "GSD-2014-7810", references: [ "https://www.suse.com/security/cve/CVE-2014-7810.html", "https://www.debian.org/security/2016/dsa-3530", "https://www.debian.org/security/2016/dsa-3447", "https://www.debian.org/security/2015/dsa-3428", "https://access.redhat.com/errata/RHSA-2016:2046", "https://access.redhat.com/errata/RHSA-2016:0492", "https://access.redhat.com/errata/RHSA-2015:1622", "https://access.redhat.com/errata/RHSA-2015:1621", "https://ubuntu.com/security/CVE-2014-7810", "https://alas.aws.amazon.com/cve/html/CVE-2014-7810.html", "https://linux.oracle.com/cve/CVE-2014-7810.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2014-7810", ], details: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", id: "GSD-2014-7810", modified: "2023-12-13T01:22:46.967638Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-7810", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:0492", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { name: "USN-2654-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2654-1", }, { name: "RHSA-2015:1622", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1644018", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { name: "DSA-3530", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3530", }, { name: "http://tomcat.apache.org/security-7.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-7.html", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1645642", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { name: "HPSBUX03561", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { name: "RHSA-2016:2046", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { name: "http://tomcat.apache.org/security-8.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-8.html", }, { name: "DSA-3428", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3428", }, { name: "http://tomcat.apache.org/security-6.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-6.html", }, { name: "74665", refsource: "BID", url: "http://www.securityfocus.com/bid/74665", }, { name: "1032330", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032330", }, { name: "USN-2655-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2655-1", }, { name: "RHSA-2015:1621", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { name: "DSA-3447", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3447", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "[6.0.0,6.0.44),[7.0.0,7.0.58),[8.0.0,8.0.16)", affected_versions: "All versions starting from 6.0.0 before 6.0.44, all versions starting from 7.0.0 before 7.0.58, all versions starting from 8.0.0 before 8.0.16", cvss_v2: "AV:N/AC:L/Au:N/C:N/I:P/A:N", cwe_ids: [ "CWE-1035", "CWE-284", "CWE-937", ], date: "2022-07-06", description: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", fixed_versions: [ "6.0.44", "7.0.58", "8.0.16", ], identifier: "CVE-2014-7810", identifiers: [ "GHSA-4c43-cwvx-9crh", "CVE-2014-7810", ], not_impacted: "All versions before 6.0.0, all versions starting from 6.0.44 before 7.0.0, all versions starting from 7.0.58 before 8.0.0, all versions starting from 8.0.16", package_slug: "maven/org.apache.tomcat/tomcat", pubdate: "2022-05-14", solution: "Upgrade to versions 6.0.44, 7.0.58, 8.0.16 or above.", title: "Improper Access Control", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", "http://marc.info/?l=bugtraq&m=145974991225029&w=2", "http://rhn.redhat.com/errata/RHSA-2015-1621.html", "http://rhn.redhat.com/errata/RHSA-2015-1622.html", "http://rhn.redhat.com/errata/RHSA-2016-0492.html", "http://rhn.redhat.com/errata/RHSA-2016-2046.html", "http://svn.apache.org/viewvc?view=revision&revision=1644018", "http://svn.apache.org/viewvc?view=revision&revision=1645642", "http://tomcat.apache.org/security-6.html", "http://tomcat.apache.org/security-7.html", "http://tomcat.apache.org/security-8.html", "http://www.debian.org/security/2015/dsa-3428", "http://www.debian.org/security/2016/dsa-3447", "http://www.debian.org/security/2016/dsa-3530", "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "http://www.ubuntu.com/usn/USN-2654-1", "http://www.ubuntu.com/usn/USN-2655-1", "https://github.com/advisories/GHSA-4c43-cwvx-9crh", ], uuid: "7db102f6-3997-4435-b4bc-dd430ebccd59", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-7810", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "http://svn.apache.org/viewvc?view=revision&revision=1644018", refsource: "CONFIRM", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { name: "http://svn.apache.org/viewvc?view=revision&revision=1645642", refsource: "CONFIRM", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { name: "http://tomcat.apache.org/security-6.html", refsource: "CONFIRM", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-6.html", }, { name: "http://tomcat.apache.org/security-8.html", refsource: "CONFIRM", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { name: "http://tomcat.apache.org/security-7.html", refsource: "CONFIRM", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { name: "DSA-3530", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3530", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { name: "HPSBUX03561", refsource: "HP", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", tags: [], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "RHSA-2016:2046", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", tags: [], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", refsource: "CONFIRM", tags: [], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "74665", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/74665", }, { name: "RHSA-2016:0492", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { name: "DSA-3428", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2015/dsa-3428", }, { name: "DSA-3447", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2016/dsa-3447", }, { name: "RHSA-2015:1622", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { name: "RHSA-2015:1621", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { name: "USN-2655-1", refsource: "UBUNTU", tags: [], url: "http://www.ubuntu.com/usn/USN-2655-1", }, { name: "1032330", refsource: "SECTRACK", tags: [], url: "http://www.securitytracker.com/id/1032330", }, { name: "USN-2654-1", refsource: "UBUNTU", tags: [], url: "http://www.ubuntu.com/usn/USN-2654-1", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", refsource: "CONFIRM", tags: [], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2019-04-15T16:30Z", publishedDate: "2015-06-07T23:59Z", }, }, }
suse-su-2015:1281-1
Vulnerability from csaf_suse
Published
2015-06-18 06:59
Modified
2015-06-18 06:59
Summary
Security update for tomcat
Notes
Title of the patch
Security update for tomcat
Description of the patch
This update fixes the following security issue:
- CVE-2014-7810: Security manager bypass via EL expression (bnc#931442)
Patchnames
SUSE-SLE-SERVER-12-2015-336
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for tomcat", title: "Title of the patch", }, { category: "description", text: "\n This update fixes the following security issue:\n - CVE-2014-7810: Security manager bypass via EL expression (bnc#931442)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-SERVER-12-2015-336", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1281-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:1281-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20151281-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:1281-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-July/001506.html", }, { category: "self", summary: "SUSE Bug 931442", url: "https://bugzilla.suse.com/931442", }, { category: "self", summary: "SUSE CVE CVE-2014-7810 page", url: "https://www.suse.com/security/cve/CVE-2014-7810/", }, ], title: "Security update for tomcat", tracking: { current_release_date: "2015-06-18T06:59:00Z", generator: { date: "2015-06-18T06:59:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:1281-1", initial_release_date: "2015-06-18T06:59:00Z", revision_history: [ { date: "2015-06-18T06:59:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "tomcat-7.0.55-8.2.noarch", product: { name: "tomcat-7.0.55-8.2.noarch", product_id: "tomcat-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-admin-webapps-7.0.55-8.2.noarch", product: { name: "tomcat-admin-webapps-7.0.55-8.2.noarch", product_id: "tomcat-admin-webapps-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-docs-webapp-7.0.55-8.2.noarch", product: { name: "tomcat-docs-webapp-7.0.55-8.2.noarch", product_id: "tomcat-docs-webapp-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-el-2_2-api-7.0.55-8.2.noarch", product: { name: "tomcat-el-2_2-api-7.0.55-8.2.noarch", product_id: "tomcat-el-2_2-api-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-javadoc-7.0.55-8.2.noarch", product: { name: "tomcat-javadoc-7.0.55-8.2.noarch", product_id: "tomcat-javadoc-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch", product: { name: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch", product_id: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-lib-7.0.55-8.2.noarch", product: { name: "tomcat-lib-7.0.55-8.2.noarch", product_id: "tomcat-lib-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch", product: { name: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch", product_id: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch", }, }, { category: "product_version", name: "tomcat-webapps-7.0.55-8.2.noarch", product: { name: "tomcat-webapps-7.0.55-8.2.noarch", product_id: "tomcat-webapps-7.0.55-8.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12", product: { name: "SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12", product_identification_helper: { cpe: "cpe:/o:suse:sles:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-7.0.55-8.2.noarch", }, product_reference: "tomcat-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-admin-webapps-7.0.55-8.2.noarch", }, product_reference: "tomcat-admin-webapps-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-docs-webapp-7.0.55-8.2.noarch", }, product_reference: "tomcat-docs-webapp-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-el-2_2-api-7.0.55-8.2.noarch", }, product_reference: "tomcat-el-2_2-api-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-javadoc-7.0.55-8.2.noarch", }, product_reference: "tomcat-javadoc-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch", }, product_reference: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-lib-7.0.55-8.2.noarch", }, product_reference: "tomcat-lib-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch", }, product_reference: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:tomcat-webapps-7.0.55-8.2.noarch", }, product_reference: "tomcat-webapps-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-7.0.55-8.2.noarch", }, product_reference: "tomcat-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-admin-webapps-7.0.55-8.2.noarch", }, product_reference: "tomcat-admin-webapps-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-docs-webapp-7.0.55-8.2.noarch", }, product_reference: "tomcat-docs-webapp-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-el-2_2-api-7.0.55-8.2.noarch", }, product_reference: "tomcat-el-2_2-api-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-javadoc-7.0.55-8.2.noarch", }, product_reference: "tomcat-javadoc-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch", }, product_reference: "tomcat-jsp-2_2-api-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-lib-7.0.55-8.2.noarch", }, product_reference: "tomcat-lib-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch", }, product_reference: "tomcat-servlet-3_0-api-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-webapps-7.0.55-8.2.noarch", }, product_reference: "tomcat-webapps-7.0.55-8.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-7810", }, ], notes: [ { category: "general", text: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12:tomcat-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-admin-webapps-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-docs-webapp-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-el-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-javadoc-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-lib-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-webapps-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-admin-webapps-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-docs-webapp-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-el-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-javadoc-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-lib-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-webapps-7.0.55-8.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-7810", url: "https://www.suse.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "SUSE Bug 931442 for CVE-2014-7810", url: "https://bugzilla.suse.com/931442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12:tomcat-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-admin-webapps-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-docs-webapp-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-el-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-javadoc-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-lib-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server 12:tomcat-webapps-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-admin-webapps-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-docs-webapp-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-el-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-javadoc-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-lib-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-webapps-7.0.55-8.2.noarch", ], }, ], threats: [ { category: "impact", date: "2015-06-18T06:59:00Z", details: "moderate", }, ], title: "CVE-2014-7810", }, ], }
suse-su-2015:1337-1
Vulnerability from csaf_suse
Published
2013-08-02 13:29
Modified
2013-08-02 13:29
Summary
Security update for tomcat6
Notes
Title of the patch
Security update for tomcat6
Description of the patch
This update of tomcat6 fixes:
* apache-tomcat-CVE-2012-3544.patch (bnc#831119)
* use chown --no-dereference to prevent symlink attacks on log
(bnc#822177#c7/prevents CVE-2013-1976)
* Fix tomcat init scripts generating malformed classpath (
http://youtrack.jetbrains.com/issue/JT-18545
<http://youtrack.jetbrains.com/issue/JT-18545> ) bnc#804992 (patch
from m407)
* fix a typo in initscript (bnc#768772 )
* copy all shell scripts (bnc#818948)
Security Issue references:
* CVE-2012-3544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>
* CVE-2013-1976
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976>
* CVE-2012-0022
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022>
Patchnames
slessp3-tomcat6
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for tomcat6", title: "Title of the patch", }, { category: "description", text: "\nThis update of tomcat6 fixes:\n\n * apache-tomcat-CVE-2012-3544.patch (bnc#831119)\n * use chown --no-dereference to prevent symlink attacks on log\n (bnc#822177#c7/prevents CVE-2013-1976)\n * Fix tomcat init scripts generating malformed classpath (\n http://youtrack.jetbrains.com/issue/JT-18545\n <http://youtrack.jetbrains.com/issue/JT-18545> ) bnc#804992 (patch\n from m407)\n * fix a typo in initscript (bnc#768772 )\n * copy all shell scripts (bnc#818948)\n\nSecurity Issue references:\n\n * CVE-2012-3544\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>\n * CVE-2013-1976\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976>\n * CVE-2012-0022\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022>\n\n", title: "Description of the patch", }, { category: "details", text: "slessp3-tomcat6", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1337-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:1337-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20151337-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:1337-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-August/001523.html", }, { category: "self", summary: "SUSE Bug 768772", url: "https://bugzilla.suse.com/768772", }, { category: "self", summary: "SUSE Bug 804992", url: "https://bugzilla.suse.com/804992", }, { category: "self", summary: "SUSE Bug 818948", url: "https://bugzilla.suse.com/818948", }, { category: "self", summary: "SUSE Bug 822177", url: "https://bugzilla.suse.com/822177", }, { category: "self", summary: "SUSE Bug 831119", url: "https://bugzilla.suse.com/831119", }, { category: "self", summary: "SUSE Bug 906152", url: "https://bugzilla.suse.com/906152", }, { category: "self", summary: "SUSE Bug 917127", url: "https://bugzilla.suse.com/917127", }, { category: "self", summary: "SUSE Bug 918195", url: "https://bugzilla.suse.com/918195", }, { category: "self", summary: "SUSE Bug 926762", url: "https://bugzilla.suse.com/926762", }, { category: "self", summary: "SUSE Bug 931442", url: "https://bugzilla.suse.com/931442", }, { category: "self", summary: "SUSE Bug 932698", url: "https://bugzilla.suse.com/932698", }, { category: "self", summary: "SUSE CVE CVE-2012-0022 page", url: "https://www.suse.com/security/cve/CVE-2012-0022/", }, { category: "self", summary: "SUSE CVE CVE-2012-3544 page", url: "https://www.suse.com/security/cve/CVE-2012-3544/", }, { category: "self", summary: "SUSE CVE CVE-2013-1976 page", url: "https://www.suse.com/security/cve/CVE-2013-1976/", }, { category: "self", summary: "SUSE CVE CVE-2014-0227 page", url: "https://www.suse.com/security/cve/CVE-2014-0227/", }, { category: "self", summary: "SUSE CVE CVE-2014-0230 page", url: "https://www.suse.com/security/cve/CVE-2014-0230/", }, { category: "self", summary: "SUSE CVE CVE-2014-7810 page", url: "https://www.suse.com/security/cve/CVE-2014-7810/", }, ], title: "Security update for tomcat6", tracking: { current_release_date: "2013-08-02T13:29:14Z", generator: { date: "2013-08-02T13:29:14Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:1337-1", initial_release_date: "2013-08-02T13:29:14Z", revision_history: [ { date: "2013-08-02T13:29:14Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "tomcat6-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-lib-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-lib-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-lib-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", }, }, { category: "product_version", name: "tomcat6-webapps-6.0.18-20.35.42.1.noarch", product: { name: "tomcat6-webapps-6.0.18-20.35.42.1.noarch", product_id: "tomcat6-webapps-6.0.18-20.35.42.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3", product: { name: "SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product: { name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_identification_helper: { cpe: "cpe:/o:suse:sles:11:sp3:teradata", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-lib-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-webapps-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-lib-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-webapps-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "tomcat6-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-javadoc-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-lib-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", }, product_reference: "tomcat6-webapps-6.0.18-20.35.42.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2012-0022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0022", }, ], notes: [ { category: "general", text: "Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2012-0022", url: "https://www.suse.com/security/cve/CVE-2012-0022", }, { category: "external", summary: "SUSE Bug 742477 for CVE-2012-0022", url: "https://bugzilla.suse.com/742477", }, { category: "external", summary: "SUSE Bug 745056 for CVE-2012-0022", url: "https://bugzilla.suse.com/745056", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, ], threats: [ { category: "impact", date: "2013-08-02T13:29:14Z", details: "moderate", }, ], title: "CVE-2012-0022", }, { cve: "CVE-2012-3544", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3544", }, ], notes: [ { category: "general", text: "Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2012-3544", url: "https://www.suse.com/security/cve/CVE-2012-3544", }, { category: "external", summary: "SUSE Bug 822177 for CVE-2012-3544", url: "https://bugzilla.suse.com/822177", }, { category: "external", summary: "SUSE Bug 831119 for CVE-2012-3544", url: "https://bugzilla.suse.com/831119", }, { category: "external", summary: "SUSE Bug 865746 for CVE-2012-3544", url: "https://bugzilla.suse.com/865746", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, ], threats: [ { category: "impact", date: "2013-08-02T13:29:14Z", details: "low", }, ], title: "CVE-2012-3544", }, { cve: "CVE-2013-1976", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1976", }, ], notes: [ { category: "general", text: "The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2013-1976", url: "https://www.suse.com/security/cve/CVE-2013-1976", }, { category: "external", summary: "SUSE Bug 822177 for CVE-2013-1976", url: "https://bugzilla.suse.com/822177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, ], threats: [ { category: "impact", date: "2013-08-02T13:29:14Z", details: "moderate", }, ], title: "CVE-2013-1976", }, { cve: "CVE-2014-0227", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0227", }, ], notes: [ { category: "general", text: "java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-0227", url: "https://www.suse.com/security/cve/CVE-2014-0227", }, { category: "external", summary: "SUSE Bug 917127 for CVE-2014-0227", url: "https://bugzilla.suse.com/917127", }, { category: "external", summary: "SUSE Bug 926762 for CVE-2014-0227", url: "https://bugzilla.suse.com/926762", }, { category: "external", summary: "SUSE Bug 988489 for CVE-2014-0227", url: "https://bugzilla.suse.com/988489", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, ], threats: [ { category: "impact", date: "2013-08-02T13:29:14Z", details: "moderate", }, ], title: "CVE-2014-0227", }, { cve: "CVE-2014-0230", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0230", }, ], notes: [ { category: "general", text: "Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-0230", url: "https://www.suse.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "SUSE Bug 926762 for CVE-2014-0230", url: "https://bugzilla.suse.com/926762", }, { category: "external", summary: "SUSE Bug 988489 for CVE-2014-0230", url: "https://bugzilla.suse.com/988489", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, ], threats: [ { category: "impact", date: "2013-08-02T13:29:14Z", details: "important", }, ], title: "CVE-2014-0230", }, { cve: "CVE-2014-7810", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-7810", }, ], notes: [ { category: "general", text: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-7810", url: "https://www.suse.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "SUSE Bug 931442 for CVE-2014-7810", url: "https://bugzilla.suse.com/931442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch", ], }, ], threats: [ { category: "impact", date: "2013-08-02T13:29:14Z", details: "moderate", }, ], title: "CVE-2014-7810", }, ], }
suse-su-2015:1565-1
Vulnerability from csaf_suse
Published
2015-09-11 01:45
Modified
2015-09-11 01:45
Summary
Security update for tomcat6
Notes
Title of the patch
Security update for tomcat6
Description of the patch
This update for Tomcat fixes the following security issues:
- CVE-2014-7810: Security manager bypass via EL expressions. (bsc#931442)
It was found that the expression language resolver evaluated expressions within a
privileged code section. A malicious web application could have used this flaw to
bypass security manager protections.
- CVE-2014-0227: Limited DoS in chunked transfer encoding input filter. (bsc#917127)
It was discovered that the ChunkedInputFilter implementation did not fail subsequent
attempts to read input early enough. A remote attacker could have used this flaw to
perform a denial of service attack, by streaming an unlimited quantity of data,
leading to consumption of server resources.
- CVE-2014-0230: Non-persistent DoS attack by feeding data by aborting an upload
It was possible for a remote attacker to trigger a non-persistent DoS attack by
feeding data by aborting an upload. (bsc#926762)
Additionally, the following non-security issues have been fixed:
- Fix rights of all files within /usr/share/tomcat6/bin. (bsc#906152)
- Don't overwrite /var/run/tomcat6.pid when Tomcat is already running. (bsc#934219)
- Miscellaneous fixes and improvements to Tomcat's init script. (bsc#932698)
Patchnames
slessp4-tomcat6-12092
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for tomcat6", title: "Title of the patch", }, { category: "description", text: "This update for Tomcat fixes the following security issues:\n\n- CVE-2014-7810: Security manager bypass via EL expressions. (bsc#931442)\nIt was found that the expression language resolver evaluated expressions within a\nprivileged code section. A malicious web application could have used this flaw to\nbypass security manager protections.\n\n- CVE-2014-0227: Limited DoS in chunked transfer encoding input filter. (bsc#917127)\nIt was discovered that the ChunkedInputFilter implementation did not fail subsequent\nattempts to read input early enough. A remote attacker could have used this flaw to\nperform a denial of service attack, by streaming an unlimited quantity of data,\nleading to consumption of server resources.\n\n- CVE-2014-0230: Non-persistent DoS attack by feeding data by aborting an upload\nIt was possible for a remote attacker to trigger a non-persistent DoS attack by\nfeeding data by aborting an upload. (bsc#926762)\n\nAdditionally, the following non-security issues have been fixed:\n\n- Fix rights of all files within /usr/share/tomcat6/bin. (bsc#906152)\n- Don't overwrite /var/run/tomcat6.pid when Tomcat is already running. (bsc#934219)\n- Miscellaneous fixes and improvements to Tomcat's init script. (bsc#932698)\n", title: "Description of the patch", }, { category: "details", text: "slessp4-tomcat6-12092", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1565-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:1565-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20151565-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:1565-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-September/001594.html", }, { category: "self", summary: "SUSE Bug 906152", url: "https://bugzilla.suse.com/906152", }, { category: "self", summary: "SUSE Bug 917127", url: "https://bugzilla.suse.com/917127", }, { category: "self", summary: "SUSE Bug 926762", url: "https://bugzilla.suse.com/926762", }, { category: "self", summary: "SUSE Bug 931442", url: "https://bugzilla.suse.com/931442", }, { category: "self", summary: "SUSE Bug 932698", url: "https://bugzilla.suse.com/932698", }, { category: "self", summary: "SUSE Bug 934219", url: "https://bugzilla.suse.com/934219", }, { category: "self", summary: "SUSE CVE CVE-2014-0227 page", url: "https://www.suse.com/security/cve/CVE-2014-0227/", }, { category: "self", summary: "SUSE CVE CVE-2014-0230 page", url: "https://www.suse.com/security/cve/CVE-2014-0230/", }, { category: "self", summary: "SUSE CVE CVE-2014-7810 page", url: "https://www.suse.com/security/cve/CVE-2014-7810/", }, ], title: "Security update for tomcat6", tracking: { current_release_date: "2015-09-11T01:45:16Z", generator: { date: "2015-09-11T01:45:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:1565-1", initial_release_date: "2015-09-11T01:45:16Z", revision_history: [ { date: "2015-09-11T01:45:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "tomcat6-6.0.41-0.47.1.noarch", product: { name: "tomcat6-6.0.41-0.47.1.noarch", product_id: "tomcat6-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch", product: { name: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch", product_id: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch", product: { name: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch", product_id: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-javadoc-6.0.41-0.47.1.noarch", product: { name: "tomcat6-javadoc-6.0.41-0.47.1.noarch", product_id: "tomcat6-javadoc-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", product: { name: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", product_id: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-lib-6.0.41-0.47.1.noarch", product: { name: "tomcat6-lib-6.0.41-0.47.1.noarch", product_id: "tomcat6-lib-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", product: { name: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", product_id: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", }, }, { category: "product_version", name: "tomcat6-webapps-6.0.41-0.47.1.noarch", product: { name: "tomcat6-webapps-6.0.41-0.47.1.noarch", product_id: "tomcat6-webapps-6.0.41-0.47.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4", product: { name: "SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-javadoc-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-lib-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-webapps-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-admin-webapps-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-docs-webapp-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-javadoc-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-lib-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", }, product_reference: "tomcat6-webapps-6.0.41-0.47.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0227", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0227", }, ], notes: [ { category: "general", text: "java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-0227", url: "https://www.suse.com/security/cve/CVE-2014-0227", }, { category: "external", summary: "SUSE Bug 917127 for CVE-2014-0227", url: "https://bugzilla.suse.com/917127", }, { category: "external", summary: "SUSE Bug 926762 for CVE-2014-0227", url: "https://bugzilla.suse.com/926762", }, { category: "external", summary: "SUSE Bug 988489 for CVE-2014-0227", url: "https://bugzilla.suse.com/988489", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", ], }, ], threats: [ { category: "impact", date: "2015-09-11T01:45:16Z", details: "moderate", }, ], title: "CVE-2014-0227", }, { cve: "CVE-2014-0230", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0230", }, ], notes: [ { category: "general", text: "Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-0230", url: "https://www.suse.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "SUSE Bug 926762 for CVE-2014-0230", url: "https://bugzilla.suse.com/926762", }, { category: "external", summary: "SUSE Bug 988489 for CVE-2014-0230", url: "https://bugzilla.suse.com/988489", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", ], }, ], threats: [ { category: "impact", date: "2015-09-11T01:45:16Z", details: "important", }, ], title: "CVE-2014-0230", }, { cve: "CVE-2014-7810", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-7810", }, ], notes: [ { category: "general", text: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2014-7810", url: "https://www.suse.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "SUSE Bug 931442 for CVE-2014-7810", url: "https://bugzilla.suse.com/931442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch", ], }, ], threats: [ { category: "impact", date: "2015-09-11T01:45:16Z", details: "moderate", }, ], title: "CVE-2014-7810", }, ], }
rhsa-2015:1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2025-02-02 19:58
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2015:1622", url: "https://access.redhat.com/errata/RHSA-2015:1622", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", tracking: { current_release_date: "2025-02-02T19:58:51+00:00", generator: { date: "2025-02-02T19:58:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2015:1622", initial_release_date: "2015-08-13T15:29:23+00:00", revision_history: [ { date: "2015-08-13T15:29:23+00:00", number: "1", summary: "Initial version", }, { date: "2015-08-13T15:29:23+00:00", number: "2", summary: "Last updated version", }, { date: "2025-02-02T19:58:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el6", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product_id: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", }, product_reference: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0230", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2015-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1191200", }, ], notes: [ { category: "description", text: "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "RHBZ#1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0230", url: "https://www.cve.org/CVERecord?id=CVE-2014-0230", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", }, ], release_date: "2014-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:29:23+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1622", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", }, { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:29:23+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1622", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
rhsa-2016_2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2024-11-22 10:10
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2016:2046", url: "https://access.redhat.com/errata/RHSA-2016:2046", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "1311085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1311085", }, { category: "external", summary: "1353809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353809", }, { category: "external", summary: "1362545", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362545", }, { category: "external", summary: "1367447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json", }, ], title: "Red Hat Security Advisory: tomcat security update", tracking: { current_release_date: "2024-11-22T10:10:37+00:00", generator: { date: "2024-11-22T10:10:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2016:2046", initial_release_date: "2016-10-10T20:38:43+00:00", revision_history: [ { date: "2016-10-10T20:38:43+00:00", number: "1", summary: "Initial version", }, { date: "2016-10-10T20:38:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T10:10:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat-0:7.0.54-8.el7_2.src", product: { name: "tomcat-0:7.0.54-8.el7_2.src", product_id: "tomcat-0:7.0.54-8.el7_2.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, { cve: "CVE-2015-5346", discovery_date: "2014-06-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1311085", }, ], notes: [ { category: "description", text: "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Session fixation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-5346", }, { category: "external", summary: "RHBZ#1311085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1311085", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-5346", url: "https://www.cve.org/CVERecord?id=CVE-2015-5346", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", }, { category: "external", summary: "http://seclists.org/bugtraq/2016/Feb/143", url: "http://seclists.org/bugtraq/2016/Feb/143", }, ], release_date: "2016-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: Session fixation", }, { acknowledgments: [ { names: [ "Scott Geary", ], organization: "VendHQ", }, ], cve: "CVE-2016-5388", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2016-07-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1353809", }, ], notes: [ { category: "description", text: "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5388", }, { category: "external", summary: "RHBZ#1353809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5388", url: "https://www.cve.org/CVERecord?id=CVE-2016-5388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", }, ], release_date: "2016-07-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", }, { acknowledgments: [ { names: [ "Dawid Golunski", ], organization: "http://legalhackers.com", }, ], cve: "CVE-2016-5425", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2016-07-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1362545", }, ], notes: [ { category: "description", text: "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Local privilege escalation via systemd-tmpfiles service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5425", }, { category: "external", summary: "RHBZ#1362545", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362545", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5425", url: "https://www.cve.org/CVERecord?id=CVE-2016-5425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", }, { category: "external", summary: "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", url: "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", }, ], release_date: "2016-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: Local privilege escalation via systemd-tmpfiles service", }, { acknowledgments: [ { summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2016-6325", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2016-08-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1367447", }, ], notes: [ { category: "description", text: "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: tomcat writable config files allow privilege escalation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-6325", }, { category: "external", summary: "RHBZ#1367447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-6325", url: "https://www.cve.org/CVERecord?id=CVE-2016-6325", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", }, ], release_date: "2016-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: tomcat writable config files allow privilege escalation", }, ], }
RHSA-2015:1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2025-02-02 19:58
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2015:1621", url: "https://access.redhat.com/errata/RHSA-2015:1621", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0", }, { category: "external", summary: "1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", tracking: { current_release_date: "2025-02-02T19:58:46+00:00", generator: { date: "2025-02-02T19:58:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2015:1621", initial_release_date: "2015-08-13T15:30:33+00:00", revision_history: [ { date: "2015-08-13T15:30:33+00:00", number: "1", summary: "Initial version", }, { date: "2015-08-13T15:30:33+00:00", number: "2", summary: "Last updated version", }, { date: "2025-02-02T19:58:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Server 2.1", product: { name: "Red Hat JBoss Web Server 2.1", product_id: "Red Hat JBoss Web Server 2.1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0230", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2015-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1191200", }, ], notes: [ { category: "description", text: "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Server 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "RHBZ#1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0230", url: "https://www.cve.org/CVERecord?id=CVE-2014-0230", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", }, ], release_date: "2014-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:30:33+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", product_ids: [ "Red Hat JBoss Web Server 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1621", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "Red Hat JBoss Web Server 2.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", }, { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Server 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:30:33+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", product_ids: [ "Red Hat JBoss Web Server 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1621", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "Red Hat JBoss Web Server 2.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
RHSA-2016:0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2024-11-22 09:15
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2016:0492", url: "https://access.redhat.com/errata/RHSA-2016:0492", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "1301646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301646", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json", }, ], title: "Red Hat Security Advisory: tomcat6 security and bug fix update", tracking: { current_release_date: "2024-11-22T09:15:48+00:00", generator: { date: "2024-11-22T09:15:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2016:0492", initial_release_date: "2016-03-22T21:02:03+00:00", revision_history: [ { date: "2016-03-22T21:02:03+00:00", number: "1", summary: "Initial version", }, { date: "2016-03-22T21:02:03+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T09:15:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.src", product: { name: "tomcat6-0:6.0.24-94.el6_7.src", product_id: "tomcat6-0:6.0.24-94.el6_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-03-22T21:02:03+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:0492", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
RHSA-2015:1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2025-02-02 19:58
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2015:1622", url: "https://access.redhat.com/errata/RHSA-2015:1622", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", tracking: { current_release_date: "2025-02-02T19:58:51+00:00", generator: { date: "2025-02-02T19:58:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2015:1622", initial_release_date: "2015-08-13T15:29:23+00:00", revision_history: [ { date: "2015-08-13T15:29:23+00:00", number: "1", summary: "Initial version", }, { date: "2015-08-13T15:29:23+00:00", number: "2", summary: "Last updated version", }, { date: "2025-02-02T19:58:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el6", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product_id: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", }, product_reference: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0230", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2015-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1191200", }, ], notes: [ { category: "description", text: "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "RHBZ#1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0230", url: "https://www.cve.org/CVERecord?id=CVE-2014-0230", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", }, ], release_date: "2014-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:29:23+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1622", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", }, { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:29:23+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1622", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
rhsa-2016:0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2024-11-22 09:15
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2016:0492", url: "https://access.redhat.com/errata/RHSA-2016:0492", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "1301646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301646", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json", }, ], title: "Red Hat Security Advisory: tomcat6 security and bug fix update", tracking: { current_release_date: "2024-11-22T09:15:48+00:00", generator: { date: "2024-11-22T09:15:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2016:0492", initial_release_date: "2016-03-22T21:02:03+00:00", revision_history: [ { date: "2016-03-22T21:02:03+00:00", number: "1", summary: "Initial version", }, { date: "2016-03-22T21:02:03+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T09:15:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.src", product: { name: "tomcat6-0:6.0.24-94.el6_7.src", product_id: "tomcat6-0:6.0.24-94.el6_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-03-22T21:02:03+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:0492", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
rhsa-2015_1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2015:1621", url: "https://access.redhat.com/errata/RHSA-2015:1621", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0", }, { category: "external", summary: "1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", tracking: { current_release_date: "2024-11-25T12:05:07+00:00", generator: { date: "2024-11-25T12:05:07+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2015:1621", initial_release_date: "2015-08-13T15:30:33+00:00", revision_history: [ { date: "2015-08-13T15:30:33+00:00", number: "1", summary: "Initial version", }, { date: "2015-08-13T15:30:33+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-25T12:05:07+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Server 2.1", product: { name: "Red Hat JBoss Web Server 2.1", product_id: "Red Hat JBoss Web Server 2.1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0230", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2015-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1191200", }, ], notes: [ { category: "description", text: "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Server 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "RHBZ#1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0230", url: "https://www.cve.org/CVERecord?id=CVE-2014-0230", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", }, ], release_date: "2014-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:30:33+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", product_ids: [ "Red Hat JBoss Web Server 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1621", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "Red Hat JBoss Web Server 2.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", }, { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Server 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:30:33+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", product_ids: [ "Red Hat JBoss Web Server 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1621", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "Red Hat JBoss Web Server 2.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
RHSA-2016:2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2024-11-22 10:10
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2016:2046", url: "https://access.redhat.com/errata/RHSA-2016:2046", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "1311085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1311085", }, { category: "external", summary: "1353809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353809", }, { category: "external", summary: "1362545", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362545", }, { category: "external", summary: "1367447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json", }, ], title: "Red Hat Security Advisory: tomcat security update", tracking: { current_release_date: "2024-11-22T10:10:37+00:00", generator: { date: "2024-11-22T10:10:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2016:2046", initial_release_date: "2016-10-10T20:38:43+00:00", revision_history: [ { date: "2016-10-10T20:38:43+00:00", number: "1", summary: "Initial version", }, { date: "2016-10-10T20:38:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T10:10:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat-0:7.0.54-8.el7_2.src", product: { name: "tomcat-0:7.0.54-8.el7_2.src", product_id: "tomcat-0:7.0.54-8.el7_2.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, { cve: "CVE-2015-5346", discovery_date: "2014-06-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1311085", }, ], notes: [ { category: "description", text: "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Session fixation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-5346", }, { category: "external", summary: "RHBZ#1311085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1311085", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-5346", url: "https://www.cve.org/CVERecord?id=CVE-2015-5346", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", }, { category: "external", summary: "http://seclists.org/bugtraq/2016/Feb/143", url: "http://seclists.org/bugtraq/2016/Feb/143", }, ], release_date: "2016-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: Session fixation", }, { acknowledgments: [ { names: [ "Scott Geary", ], organization: "VendHQ", }, ], cve: "CVE-2016-5388", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2016-07-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1353809", }, ], notes: [ { category: "description", text: "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5388", }, { category: "external", summary: "RHBZ#1353809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5388", url: "https://www.cve.org/CVERecord?id=CVE-2016-5388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", }, ], release_date: "2016-07-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", }, { acknowledgments: [ { names: [ "Dawid Golunski", ], organization: "http://legalhackers.com", }, ], cve: "CVE-2016-5425", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2016-07-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1362545", }, ], notes: [ { category: "description", text: "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Local privilege escalation via systemd-tmpfiles service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5425", }, { category: "external", summary: "RHBZ#1362545", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362545", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5425", url: "https://www.cve.org/CVERecord?id=CVE-2016-5425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", }, { category: "external", summary: "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", url: "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", }, ], release_date: "2016-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: Local privilege escalation via systemd-tmpfiles service", }, { acknowledgments: [ { summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2016-6325", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2016-08-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1367447", }, ], notes: [ { category: "description", text: "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: tomcat writable config files allow privilege escalation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-6325", }, { category: "external", summary: "RHBZ#1367447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-6325", url: "https://www.cve.org/CVERecord?id=CVE-2016-6325", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", }, ], release_date: "2016-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: tomcat writable config files allow privilege escalation", }, ], }
rhsa-2015_1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2015:1622", url: "https://access.redhat.com/errata/RHSA-2015:1622", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", tracking: { current_release_date: "2024-11-25T12:05:12+00:00", generator: { date: "2024-11-25T12:05:12+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2015:1622", initial_release_date: "2015-08-13T15:29:23+00:00", revision_history: [ { date: "2015-08-13T15:29:23+00:00", number: "1", summary: "Initial version", }, { date: "2015-08-13T15:29:23+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-25T12:05:12+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el6", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_id: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product_id: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product_id: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product_id: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product_id: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product_id: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", product_id: "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", relates_to_product_reference: "5Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", }, product_reference: "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", product_id: "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", relates_to_product_reference: "6Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", }, product_reference: "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", }, product_reference: "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", }, product_reference: "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, { category: "default_component_of", full_product_name: { name: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", product_id: "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", }, product_reference: "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", relates_to_product_reference: "7Server-JBEWS-2", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0230", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2015-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1191200", }, ], notes: [ { category: "description", text: "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "RHBZ#1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0230", url: "https://www.cve.org/CVERecord?id=CVE-2014-0230", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", }, ], release_date: "2014-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:29:23+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1622", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", }, { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:29:23+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1622", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
rhsa-2015:1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2025-02-02 19:58
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2015:1621", url: "https://access.redhat.com/errata/RHSA-2015:1621", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0", }, { category: "external", summary: "1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", tracking: { current_release_date: "2025-02-02T19:58:46+00:00", generator: { date: "2025-02-02T19:58:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2015:1621", initial_release_date: "2015-08-13T15:30:33+00:00", revision_history: [ { date: "2015-08-13T15:30:33+00:00", number: "1", summary: "Initial version", }, { date: "2015-08-13T15:30:33+00:00", number: "2", summary: "Last updated version", }, { date: "2025-02-02T19:58:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Server 2.1", product: { name: "Red Hat JBoss Web Server 2.1", product_id: "Red Hat JBoss Web Server 2.1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0230", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2015-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1191200", }, ], notes: [ { category: "description", text: "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Server 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-0230", }, { category: "external", summary: "RHBZ#1191200", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1191200", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-0230", url: "https://www.cve.org/CVERecord?id=CVE-2014-0230", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", }, ], release_date: "2014-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:30:33+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", product_ids: [ "Red Hat JBoss Web Server 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1621", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "Red Hat JBoss Web Server 2.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: non-persistent DoS attack by feeding data by aborting an upload", }, { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Server 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2015-08-13T15:30:33+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", product_ids: [ "Red Hat JBoss Web Server 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2015:1621", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "Red Hat JBoss Web Server 2.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
rhsa-2016:2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2024-11-22 10:10
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2016:2046", url: "https://access.redhat.com/errata/RHSA-2016:2046", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "1311085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1311085", }, { category: "external", summary: "1353809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353809", }, { category: "external", summary: "1362545", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362545", }, { category: "external", summary: "1367447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json", }, ], title: "Red Hat Security Advisory: tomcat security update", tracking: { current_release_date: "2024-11-22T10:10:37+00:00", generator: { date: "2024-11-22T10:10:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2016:2046", initial_release_date: "2016-10-10T20:38:43+00:00", revision_history: [ { date: "2016-10-10T20:38:43+00:00", number: "1", summary: "Initial version", }, { date: "2016-10-10T20:38:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T10:10:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-lib-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch", }, }, }, { category: "product_version", name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product_id: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat-0:7.0.54-8.el7_2.src", product: { name: "tomcat-0:7.0.54-8.el7_2.src", product_id: "tomcat-0:7.0.54-8.el7_2.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Client-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7ComputeNode-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Server-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", }, product_reference: "tomcat-0:7.0.54-8.el7_2.src", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-lib-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, { category: "default_component_of", full_product_name: { name: "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", }, product_reference: "tomcat-webapps-0:7.0.54-8.el7_2.noarch", relates_to_product_reference: "7Workstation-optional-7.2.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, { cve: "CVE-2015-5346", discovery_date: "2014-06-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1311085", }, ], notes: [ { category: "description", text: "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Session fixation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-5346", }, { category: "external", summary: "RHBZ#1311085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1311085", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-5346", url: "https://www.cve.org/CVERecord?id=CVE-2015-5346", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", }, { category: "external", summary: "http://seclists.org/bugtraq/2016/Feb/143", url: "http://seclists.org/bugtraq/2016/Feb/143", }, ], release_date: "2016-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: Session fixation", }, { acknowledgments: [ { names: [ "Scott Geary", ], organization: "VendHQ", }, ], cve: "CVE-2016-5388", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2016-07-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1353809", }, ], notes: [ { category: "description", text: "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5388", }, { category: "external", summary: "RHBZ#1353809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5388", url: "https://www.cve.org/CVERecord?id=CVE-2016-5388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", }, ], release_date: "2016-07-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", }, { acknowledgments: [ { names: [ "Dawid Golunski", ], organization: "http://legalhackers.com", }, ], cve: "CVE-2016-5425", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2016-07-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1362545", }, ], notes: [ { category: "description", text: "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Local privilege escalation via systemd-tmpfiles service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5425", }, { category: "external", summary: "RHBZ#1362545", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362545", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5425", url: "https://www.cve.org/CVERecord?id=CVE-2016-5425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", }, { category: "external", summary: "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", url: "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", }, ], release_date: "2016-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: Local privilege escalation via systemd-tmpfiles service", }, { acknowledgments: [ { summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2016-6325", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2016-08-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1367447", }, ], notes: [ { category: "description", text: "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: tomcat writable config files allow privilege escalation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-6325", }, { category: "external", summary: "RHBZ#1367447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-6325", url: "https://www.cve.org/CVERecord?id=CVE-2016-6325", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", }, ], release_date: "2016-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-10-10T20:38:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:2046", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: tomcat writable config files allow privilege escalation", }, ], }
rhsa-2016_0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2024-11-22 09:15
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2016:0492", url: "https://access.redhat.com/errata/RHSA-2016:0492", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "1301646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301646", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json", }, ], title: "Red Hat Security Advisory: tomcat6 security and bug fix update", tracking: { current_release_date: "2024-11-22T09:15:48+00:00", generator: { date: "2024-11-22T09:15:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2016:0492", initial_release_date: "2016-03-22T21:02:03+00:00", revision_history: [ { date: "2016-03-22T21:02:03+00:00", number: "1", summary: "Initial version", }, { date: "2016-03-22T21:02:03+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T09:15:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.src", product: { name: "tomcat6-0:6.0.24-94.el6_7.src", product_id: "tomcat6-0:6.0.24-94.el6_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product_id: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Client-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Server-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.src", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.i686", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", relates_to_product_reference: "6Workstation-optional-6.7.z", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", }, product_reference: "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", relates_to_product_reference: "6Workstation-optional-6.7.z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7810", discovery_date: "2015-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1222573", }, ], notes: [ { category: "description", text: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat/JbossWeb: security manager bypass via EL expressions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7810", }, { category: "external", summary: "RHBZ#1222573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1222573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7810", url: "https://www.cve.org/CVERecord?id=CVE-2014-7810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { category: "external", summary: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", url: "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", }, { category: "external", summary: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", url: "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", }, { category: "external", summary: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", url: "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", }, ], release_date: "2015-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2016-03-22T21:02:03+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2016:0492", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Tomcat/JbossWeb: security manager bypass via EL expressions", }, ], }
WID-SEC-W-2023-1594
Vulnerability from csaf_certbund
Published
2023-06-28 22:00
Modified
2023-06-28 22:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1594 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json", }, { category: "self", summary: "WID-SEC-2023-1594 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/885316", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/884276", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/883428", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/883424", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/882926", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/882898", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/882888", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/880403", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/880401", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/880395", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/879855", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/879841", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870546", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870526", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870508", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870504", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870500", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870498", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/743933", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739297", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739271", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739249", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739247", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739245", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739243", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/738231", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/731931", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730883", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730871", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730845", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730835", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730171", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/720307", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/720283", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/720265", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/718745", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717345", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717335", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717327", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717007", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/716573", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/712213", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/712199", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/570557", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/569765", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/569727", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/569717", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/305321", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/304091", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/304089", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/303663", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/303657", }, ], source_lang: "en-US", title: "IBM Tivoli Network Manager: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-28T22:00:00.000+00:00", generator: { date: "2024-08-15T17:53:31.776+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1594", initial_release_date: "2023-06-28T22:00:00.000+00:00", revision_history: [ { date: "2023-06-28T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 5", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 5", product_id: "T028343", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_5", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9", product_id: "T028344", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 4.1.1", product: { name: "IBM Tivoli Network Manager IP Edition < 4.1.1", product_id: "T028345", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.1.1", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 4.2", product: { name: "IBM Tivoli Network Manager IP Edition < 4.2", product_id: "T028346", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.2", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9.0.4", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9.0.4", product_id: "T028347", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.4", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9.0.5", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9.0.5", product_id: "T028348", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.5", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 4", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 4", product_id: "T028349", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_4", }, }, }, ], category: "product_name", name: "Tivoli Network Manager", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2019-4046", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-4046", }, { cve: "CVE-2019-4030", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-4030", }, { cve: "CVE-2019-2684", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2684", }, { cve: "CVE-2019-2602", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2602", }, { cve: "CVE-2019-2537", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2537", }, { cve: "CVE-2019-2534", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2534", }, { cve: "CVE-2019-2531", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2531", }, { cve: "CVE-2019-2529", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2529", }, { cve: "CVE-2019-2503", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2503", }, { cve: "CVE-2019-2482", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2482", }, { cve: "CVE-2019-2481", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2481", }, { cve: "CVE-2019-2455", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2455", }, { cve: "CVE-2019-1559", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-1559", }, { cve: "CVE-2019-0220", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-0220", }, { cve: "CVE-2018-8039", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-8039", }, { cve: "CVE-2018-5407", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-5407", }, { cve: "CVE-2018-3282", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3282", }, { cve: "CVE-2018-3278", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3278", }, { cve: "CVE-2018-3276", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3276", }, { cve: "CVE-2018-3251", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3251", }, { cve: "CVE-2018-3247", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3247", }, { cve: "CVE-2018-3174", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3174", }, { cve: "CVE-2018-3156", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3156", }, { cve: "CVE-2018-3143", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3143", }, { cve: "CVE-2018-3123", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3123", }, { cve: "CVE-2018-3084", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3084", }, { cve: "CVE-2018-3082", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3082", }, { cve: "CVE-2018-3081", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3081", }, { cve: "CVE-2018-3080", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3080", }, { cve: "CVE-2018-3079", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3079", }, { cve: "CVE-2018-3078", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3078", }, { cve: "CVE-2018-3077", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3077", }, { cve: "CVE-2018-3075", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3075", }, { cve: "CVE-2018-3074", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3074", }, { cve: "CVE-2018-3073", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3073", }, { cve: "CVE-2018-3071", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3071", }, { cve: "CVE-2018-3070", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3070", }, { cve: "CVE-2018-3067", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3067", }, { cve: "CVE-2018-3066", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3066", }, { cve: "CVE-2018-3065", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3065", }, { cve: "CVE-2018-3064", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3064", }, { cve: "CVE-2018-3063", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3063", }, { cve: "CVE-2018-3062", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3062", }, { cve: "CVE-2018-3061", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3061", }, { cve: "CVE-2018-3060", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3060", }, { cve: "CVE-2018-3058", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3058", }, { cve: "CVE-2018-3056", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3056", }, { cve: "CVE-2018-3054", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3054", }, { cve: "CVE-2018-2877", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2877", }, { cve: "CVE-2018-2846", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2846", }, { cve: "CVE-2018-2839", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2839", }, { cve: "CVE-2018-2819", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2819", }, { cve: "CVE-2018-2818", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2818", }, { cve: "CVE-2018-2817", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2817", }, { cve: "CVE-2018-2816", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2816", }, { cve: "CVE-2018-2813", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2813", }, { cve: "CVE-2018-2812", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2812", }, { cve: "CVE-2018-2810", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2810", }, { cve: "CVE-2018-2805", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2805", }, { cve: "CVE-2018-2787", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2787", }, { cve: "CVE-2018-2786", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2786", }, { cve: "CVE-2018-2784", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2784", }, { cve: "CVE-2018-2782", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2782", }, { cve: "CVE-2018-2781", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2781", }, { cve: "CVE-2018-2780", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2780", }, { cve: "CVE-2018-2779", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2779", }, { cve: "CVE-2018-2778", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2778", }, { cve: "CVE-2018-2777", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2777", }, { cve: "CVE-2018-2776", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2776", }, { cve: "CVE-2018-2775", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2775", }, { cve: "CVE-2018-2773", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2773", }, { cve: "CVE-2018-2771", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2771", }, { cve: "CVE-2018-2769", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2769", }, { cve: "CVE-2018-2766", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2766", }, { cve: "CVE-2018-2762", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2762", }, { cve: "CVE-2018-2761", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2761", }, { cve: "CVE-2018-2759", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2759", }, { cve: "CVE-2018-2758", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2758", }, { cve: "CVE-2018-2755", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2755", }, { cve: "CVE-2018-2598", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2598", }, { cve: "CVE-2018-1996", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1996", }, { cve: "CVE-2018-1926", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1926", }, { cve: "CVE-2018-1904", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1904", }, { cve: "CVE-2018-1902", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1902", }, { cve: "CVE-2018-1901", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1901", }, { cve: "CVE-2018-1798", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1798", }, { cve: "CVE-2018-1797", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1797", }, { cve: "CVE-2018-1794", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1794", }, { cve: "CVE-2018-1793", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1793", }, { cve: "CVE-2018-1777", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1777", }, { cve: "CVE-2018-1770", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1770", }, { cve: "CVE-2018-1767", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1767", }, { cve: "CVE-2018-1719", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1719", }, { cve: "CVE-2018-1695", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1695", }, { cve: "CVE-2018-1656", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1656", }, { cve: "CVE-2018-1643", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1643", }, { cve: "CVE-2018-1621", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1621", }, { cve: "CVE-2018-1614", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1614", }, { cve: "CVE-2018-1567", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1567", }, { cve: "CVE-2018-1447", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1447", }, { cve: "CVE-2018-1428", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1428", }, { cve: "CVE-2018-1427", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1427", }, { cve: "CVE-2018-1426", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1426", }, { cve: "CVE-2018-1301", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1301", }, { cve: "CVE-2018-12539", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-12539", }, { cve: "CVE-2018-10237", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-10237", }, { cve: "CVE-2018-0734", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-0734", }, { cve: "CVE-2018-0732", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-0732", }, { cve: "CVE-2017-9798", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-9798", }, { cve: "CVE-2017-3738", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3738", }, { cve: "CVE-2017-3737", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3737", }, { cve: "CVE-2017-3736", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3736", }, { cve: "CVE-2017-3735", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3735", }, { cve: "CVE-2017-3732", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3732", }, { cve: "CVE-2017-1743", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1743", }, { cve: "CVE-2017-1741", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1741", }, { cve: "CVE-2017-1731", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1731", }, { cve: "CVE-2017-1681", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1681", }, { cve: "CVE-2017-15715", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-15715", }, { cve: "CVE-2017-15710", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-15710", }, { cve: "CVE-2017-12624", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-12624", }, { cve: "CVE-2017-12618", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-12618", }, { cve: "CVE-2017-12613", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-12613", }, { cve: "CVE-2016-0705", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2016-0705", }, { cve: "CVE-2016-0702", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2016-0702", }, { cve: "CVE-2016-0701", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2016-0701", }, { cve: "CVE-2015-0899", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2015-0899", }, { cve: "CVE-2014-7810", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2014-7810", }, { cve: "CVE-2012-5783", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2012-5783", }, ], }
wid-sec-w-2023-1594
Vulnerability from csaf_certbund
Published
2023-06-28 22:00
Modified
2023-06-28 22:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1594 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json", }, { category: "self", summary: "WID-SEC-2023-1594 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/885316", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/884276", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/883428", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/883424", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/882926", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/882898", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/882888", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/880403", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/880401", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/880395", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/879855", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/879841", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870546", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870526", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870508", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870504", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870500", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/870498", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/743933", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739297", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739271", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739249", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739247", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739245", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/739243", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/738231", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/731931", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730883", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730871", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730845", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730835", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/730171", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/720307", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/720283", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/720265", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/718745", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717345", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717335", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717327", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/717007", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/716573", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/712213", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/712199", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/570557", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/569765", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/569727", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/569717", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/305321", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/304091", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/304089", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/303663", }, { category: "external", summary: "IBM Security Advisory vom 2023-06-28", url: "https://www.ibm.com/support/pages/node/303657", }, ], source_lang: "en-US", title: "IBM Tivoli Network Manager: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-28T22:00:00.000+00:00", generator: { date: "2024-08-15T17:53:31.776+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1594", initial_release_date: "2023-06-28T22:00:00.000+00:00", revision_history: [ { date: "2023-06-28T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 5", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 5", product_id: "T028343", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_5", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9", product_id: "T028344", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 4.1.1", product: { name: "IBM Tivoli Network Manager IP Edition < 4.1.1", product_id: "T028345", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.1.1", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 4.2", product: { name: "IBM Tivoli Network Manager IP Edition < 4.2", product_id: "T028346", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.2", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9.0.4", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9.0.4", product_id: "T028347", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.4", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9.0.5", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9.0.5", product_id: "T028348", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.5", }, }, }, { category: "product_name", name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 4", product: { name: "IBM Tivoli Network Manager IP Edition < 3.9 Fix Pack 4", product_id: "T028349", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_4", }, }, }, ], category: "product_name", name: "Tivoli Network Manager", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2019-4046", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-4046", }, { cve: "CVE-2019-4030", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-4030", }, { cve: "CVE-2019-2684", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2684", }, { cve: "CVE-2019-2602", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2602", }, { cve: "CVE-2019-2537", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2537", }, { cve: "CVE-2019-2534", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2534", }, { cve: "CVE-2019-2531", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2531", }, { cve: "CVE-2019-2529", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2529", }, { cve: "CVE-2019-2503", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2503", }, { cve: "CVE-2019-2482", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2482", }, { cve: "CVE-2019-2481", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2481", }, { cve: "CVE-2019-2455", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-2455", }, { cve: "CVE-2019-1559", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-1559", }, { cve: "CVE-2019-0220", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2019-0220", }, { cve: "CVE-2018-8039", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-8039", }, { cve: "CVE-2018-5407", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-5407", }, { cve: "CVE-2018-3282", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3282", }, { cve: "CVE-2018-3278", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3278", }, { cve: "CVE-2018-3276", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3276", }, { cve: "CVE-2018-3251", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3251", }, { cve: "CVE-2018-3247", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3247", }, { cve: "CVE-2018-3174", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3174", }, { cve: "CVE-2018-3156", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3156", }, { cve: "CVE-2018-3143", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3143", }, { cve: "CVE-2018-3123", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3123", }, { cve: "CVE-2018-3084", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3084", }, { cve: "CVE-2018-3082", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3082", }, { cve: "CVE-2018-3081", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3081", }, { cve: "CVE-2018-3080", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3080", }, { cve: "CVE-2018-3079", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3079", }, { cve: "CVE-2018-3078", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3078", }, { cve: "CVE-2018-3077", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3077", }, { cve: "CVE-2018-3075", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3075", }, { cve: "CVE-2018-3074", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3074", }, { cve: "CVE-2018-3073", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3073", }, { cve: "CVE-2018-3071", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3071", }, { cve: "CVE-2018-3070", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3070", }, { cve: "CVE-2018-3067", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3067", }, { cve: "CVE-2018-3066", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3066", }, { cve: "CVE-2018-3065", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3065", }, { cve: "CVE-2018-3064", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3064", }, { cve: "CVE-2018-3063", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3063", }, { cve: "CVE-2018-3062", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3062", }, { cve: "CVE-2018-3061", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3061", }, { cve: "CVE-2018-3060", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3060", }, { cve: "CVE-2018-3058", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3058", }, { cve: "CVE-2018-3056", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3056", }, { cve: "CVE-2018-3054", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-3054", }, { cve: "CVE-2018-2877", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2877", }, { cve: "CVE-2018-2846", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2846", }, { cve: "CVE-2018-2839", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2839", }, { cve: "CVE-2018-2819", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2819", }, { cve: "CVE-2018-2818", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2818", }, { cve: "CVE-2018-2817", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2817", }, { cve: "CVE-2018-2816", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2816", }, { cve: "CVE-2018-2813", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2813", }, { cve: "CVE-2018-2812", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2812", }, { cve: "CVE-2018-2810", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2810", }, { cve: "CVE-2018-2805", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2805", }, { cve: "CVE-2018-2787", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2787", }, { cve: "CVE-2018-2786", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2786", }, { cve: "CVE-2018-2784", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2784", }, { cve: "CVE-2018-2782", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2782", }, { cve: "CVE-2018-2781", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2781", }, { cve: "CVE-2018-2780", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2780", }, { cve: "CVE-2018-2779", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2779", }, { cve: "CVE-2018-2778", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2778", }, { cve: "CVE-2018-2777", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2777", }, { cve: "CVE-2018-2776", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2776", }, { cve: "CVE-2018-2775", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2775", }, { cve: "CVE-2018-2773", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2773", }, { cve: "CVE-2018-2771", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2771", }, { cve: "CVE-2018-2769", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2769", }, { cve: "CVE-2018-2766", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2766", }, { cve: "CVE-2018-2762", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2762", }, { cve: "CVE-2018-2761", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2761", }, { cve: "CVE-2018-2759", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2759", }, { cve: "CVE-2018-2758", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2758", }, { cve: "CVE-2018-2755", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2755", }, { cve: "CVE-2018-2598", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-2598", }, { cve: "CVE-2018-1996", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1996", }, { cve: "CVE-2018-1926", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1926", }, { cve: "CVE-2018-1904", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1904", }, { cve: "CVE-2018-1902", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1902", }, { cve: "CVE-2018-1901", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1901", }, { cve: "CVE-2018-1798", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1798", }, { cve: "CVE-2018-1797", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1797", }, { cve: "CVE-2018-1794", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1794", }, { cve: "CVE-2018-1793", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1793", }, { cve: "CVE-2018-1777", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1777", }, { cve: "CVE-2018-1770", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1770", }, { cve: "CVE-2018-1767", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1767", }, { cve: "CVE-2018-1719", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1719", }, { cve: "CVE-2018-1695", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1695", }, { cve: "CVE-2018-1656", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1656", }, { cve: "CVE-2018-1643", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1643", }, { cve: "CVE-2018-1621", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1621", }, { cve: "CVE-2018-1614", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1614", }, { cve: "CVE-2018-1567", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1567", }, { cve: "CVE-2018-1447", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1447", }, { cve: "CVE-2018-1428", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1428", }, { cve: "CVE-2018-1427", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1427", }, { cve: "CVE-2018-1426", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1426", }, { cve: "CVE-2018-1301", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-1301", }, { cve: "CVE-2018-12539", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-12539", }, { cve: "CVE-2018-10237", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-10237", }, { cve: "CVE-2018-0734", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-0734", }, { cve: "CVE-2018-0732", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2018-0732", }, { cve: "CVE-2017-9798", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-9798", }, { cve: "CVE-2017-3738", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3738", }, { cve: "CVE-2017-3737", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3737", }, { cve: "CVE-2017-3736", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3736", }, { cve: "CVE-2017-3735", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3735", }, { cve: "CVE-2017-3732", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-3732", }, { cve: "CVE-2017-1743", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1743", }, { cve: "CVE-2017-1741", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1741", }, { cve: "CVE-2017-1731", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1731", }, { cve: "CVE-2017-1681", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-1681", }, { cve: "CVE-2017-15715", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-15715", }, { cve: "CVE-2017-15710", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-15710", }, { cve: "CVE-2017-12624", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-12624", }, { cve: "CVE-2017-12618", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-12618", }, { cve: "CVE-2017-12613", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2017-12613", }, { cve: "CVE-2016-0705", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2016-0705", }, { cve: "CVE-2016-0702", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2016-0702", }, { cve: "CVE-2016-0701", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2016-0701", }, { cve: "CVE-2015-0899", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2015-0899", }, { cve: "CVE-2014-7810", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2014-7810", }, { cve: "CVE-2012-5783", notes: [ { category: "description", text: "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.", }, ], release_date: "2023-06-28T22:00:00.000+00:00", title: "CVE-2012-5783", }, ], }
ghsa-4c43-cwvx-9crh
Vulnerability from github
Published
2022-05-14 01:10
Modified
2022-07-06 21:05
Summary
Improper Access Control in Apache Tomcat
Details
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
{ affected: [ { package: { ecosystem: "Maven", name: "org.apache.tomcat:tomcat", }, ranges: [ { events: [ { introduced: "6.0.0", }, { fixed: "6.0.44", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Maven", name: "org.apache.tomcat:tomcat", }, ranges: [ { events: [ { introduced: "7.0.0", }, { fixed: "7.0.58", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Maven", name: "org.apache.tomcat:tomcat", }, ranges: [ { events: [ { introduced: "8.0.0", }, { fixed: "8.0.16", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2014-7810", ], database_specific: { cwe_ids: [ "CWE-284", ], github_reviewed: true, github_reviewed_at: "2022-07-06T21:05:15Z", nvd_published_at: "2015-06-07T23:59:00Z", severity: "MODERATE", }, details: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", id: "GHSA-4c43-cwvx-9crh", modified: "2022-07-06T21:05:15Z", published: "2022-05-14T01:10:17Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", }, { type: "WEB", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { type: "WEB", url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { type: "WEB", url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { type: "WEB", url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { type: "WEB", url: "http://tomcat.apache.org/security-6.html", }, { type: "WEB", url: "http://tomcat.apache.org/security-7.html", }, { type: "WEB", url: "http://tomcat.apache.org/security-8.html", }, { type: "WEB", url: "http://www.debian.org/security/2015/dsa-3428", }, { type: "WEB", url: "http://www.debian.org/security/2016/dsa-3447", }, { type: "WEB", url: "http://www.debian.org/security/2016/dsa-3530", }, { type: "WEB", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { type: "WEB", url: "http://www.ubuntu.com/usn/USN-2654-1", }, { type: "WEB", url: "http://www.ubuntu.com/usn/USN-2655-1", }, ], schema_version: "1.4.0", severity: [], summary: "Improper Access Control in Apache Tomcat", }
fkie_cve-2014-7810
Vulnerability from fkie_nvd
Published
2015-06-07 23:59
Modified
2024-11-21 02:18
Severity ?
Summary
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "49E3C039-A949-4F1B-892A-57147EECB249", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", matchCriteriaId: "0A354C34-A3FE-4B8A-9985-8874A0634BC7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "F28C7801-41B9-4552-BA1E-577967BCBBEE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", matchCriteriaId: "CFE300CC-FD4A-444E-8506-E5E269D0A0A5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "25B21085-7259-4685-9D1F-FF98E6489E10", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", matchCriteriaId: "F50A3EC9-516E-48A7-839B-A73F491B5B9F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "635EE321-2A1F-4FF8-95BE-0C26591969D9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", matchCriteriaId: "FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", matchCriteriaId: "C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", matchCriteriaId: "31AB969A-9ACE-44EF-B2E5-CEC008F47C46", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", matchCriteriaId: "06217215-72E4-4478-BACB-628A0836A645", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "9C95ADA4-66F5-45C4-A677-ACE22367A75A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", matchCriteriaId: "EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "11951A10-39A2-4FF5-8C43-DF94730FB794", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", matchCriteriaId: "8B79F2EA-C893-4359-80EC-24AE38D982E5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "351E5BCF-A56B-4D91-BA3C-21A4B77D529A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", matchCriteriaId: "2DC2BBB4-171E-4EFF-A575-A5B7FF031755", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", matchCriteriaId: "6B6B0504-27C1-4824-A928-A878CBBAB32D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", matchCriteriaId: "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", matchCriteriaId: "D903956B-14F5-4177-AF12-0A5F1846D3C4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", matchCriteriaId: "81F847DC-A2F5-456C-9038-16A0E85F4C3B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", matchCriteriaId: "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", matchCriteriaId: "C6B93A3A-D487-4CA1-8257-26F8FE287B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", matchCriteriaId: "BD8802B2-57E0-4AA6-BC8E-00DE60468569", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", matchCriteriaId: "8461DF95-18DC-4BF5-A703-7F19DA88DC30", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", matchCriteriaId: "1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", matchCriteriaId: "2823789C-2CB6-4300-94DB-BDBE83ABA8E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", matchCriteriaId: "C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", matchCriteriaId: "A61429EE-4331-430C-9830-58DCCBCBCB58", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", matchCriteriaId: "31B3593F-CEDF-423C-90F8-F88EED87DC3E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", matchCriteriaId: "AE7862B2-E1FA-4E16-92CD-8918AB461D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", matchCriteriaId: "A9E03BE3-60CC-4415-B993-D0BB00F87A30", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", matchCriteriaId: "CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", matchCriteriaId: "BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", matchCriteriaId: "48E5E8C3-21AD-4230-B945-AB7DE66307B9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", matchCriteriaId: "4945C8C1-C71B-448B-9075-07C6C92599CF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", matchCriteriaId: "ED4730B0-2E09-408B-AFD4-FE00F73700FD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", matchCriteriaId: "B8DE8A8A-7643-4292-BCC1-758AE0940207", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", matchCriteriaId: "E9B54FCD-CF7C-47E2-8513-40419E47AF49", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", matchCriteriaId: "D87EFB6D-B626-469F-907C-40C771A55833", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", matchCriteriaId: "6330B97B-8FC5-4D7E-A960-5D94EDD0C378", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0F8C62EF-1B67-456A-9C66-755439CF8556", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", matchCriteriaId: "33E9607B-4D28-460D-896B-E4B7FA22441E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A819E245-D641-4F19-9139-6C940504F6E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "81A31CA0-A209-4C49-AA06-C38E165E5B68", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", matchCriteriaId: "7205475A-6D04-4042-B24E-1DA5A57029B7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", matchCriteriaId: "08022987-B36B-4F63-88A5-A8F59195DF4A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", matchCriteriaId: "0AA563BF-A67A-477D-956A-167ABEF885C5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", matchCriteriaId: "FF4B7557-EF35-451E-B55D-3296966695AC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8980E61E-27BE-4858-82B3-C0E8128AF521", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", matchCriteriaId: "8756BF9B-3E24-4677-87AE-31CE776541F0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", matchCriteriaId: "88CE057E-2092-4C98-8D0C-75CF439D0A9C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", matchCriteriaId: "8F194580-EE6D-4E38-87F3-F0661262256B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", matchCriteriaId: "A9731BAA-4C6C-4259-B786-F577D8A90FA1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", matchCriteriaId: "1F74A421-D019-4248-84B8-C70D4D9A8A95", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", matchCriteriaId: "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", matchCriteriaId: "05346F5A-FB52-4376-AAC7-9A5308216545", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", matchCriteriaId: "305688F2-50A6-41FB-8614-BC589DB9A789", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", matchCriteriaId: "D24AA431-C436-4AA5-85DF-B9AAFF2548FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", matchCriteriaId: "25966344-15D5-4101-9346-B06BFD2DFFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", matchCriteriaId: "11F4CBAC-27B1-4EFF-955A-A63B457D0578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", matchCriteriaId: "FD55B338-9DBE-4643-ABED-A08964D3AF7C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", matchCriteriaId: "0D4F710E-06EA-48F4-AC6A-6F143950F015", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", matchCriteriaId: "2C4936C2-0B2D-4C44-98C3-443090965F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", matchCriteriaId: "48453405-2319-4327-9F4C-6F70B49452C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", matchCriteriaId: "49DD9544-6424-41A6-AEC0-EC19B8A10E71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", matchCriteriaId: "E4670E65-2E11-49A4-B661-57C2F60D411F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", matchCriteriaId: "5E8FF71D-4710-4FBB-9925-A6A26C450F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", matchCriteriaId: "31002A23-4788-4BC7-AE11-A3C2AA31716D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", matchCriteriaId: "7144EDDF-8265-4642-8EEB-ED52527E0A26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", matchCriteriaId: "DF06B5C1-B9DD-4673-A101-56E1E593ACDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", matchCriteriaId: "7D731065-626B-4425-8E49-F708DD457824", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", matchCriteriaId: "B3D850EA-E537-42C8-93B9-96E15CB26747", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", matchCriteriaId: "E037DA05-2BEF-4F64-B8BB-307247B6A05C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", matchCriteriaId: "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", matchCriteriaId: "D395D95B-1F4A-420E-A0F6-609360AF7B69", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", matchCriteriaId: "9BD221BA-0AB6-4972-8AD9-5D37AC07762F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", matchCriteriaId: "E55B6565-96CB-4F6A-9A80-C3FB82F30546", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", matchCriteriaId: "D3300AFE-49A4-4904-B9A0-5679F09FA01E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", matchCriteriaId: "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", matchCriteriaId: "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", matchCriteriaId: "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", matchCriteriaId: "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", matchCriteriaId: "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", matchCriteriaId: "DA8A7333-B4C3-4876-AE01-62F2FD315504", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", matchCriteriaId: "92993E23-D805-407B-8B87-11CEEE8B212F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", matchCriteriaId: "7A11BD74-305C-41E2-95B1-5008EEF5FA5F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", matchCriteriaId: "595442D0-9DB7-475A-AE30-8535B70E122E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", matchCriteriaId: "4B0BA92A-0BD3-4CE4-9465-95E949104BAC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", matchCriteriaId: "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", matchCriteriaId: "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", matchCriteriaId: "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", matchCriteriaId: "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", matchCriteriaId: "C947E549-2459-4AFB-84A7-36BDA30B5F29", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", matchCriteriaId: "5D55DF79-F9BE-4907-A4D8-96C4B11189ED", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", matchCriteriaId: "14AB5787-82D7-4F78-BE93-4556AB7A7D0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", matchCriteriaId: "F8E9453E-BC9B-4F77-85FA-BA15AC55C245", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", matchCriteriaId: "A7EF0518-73F9-47DB-8946-A8334936BEFF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", matchCriteriaId: "95AA8778-7833-4572-A71B-5FD89938CE94", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", matchCriteriaId: "242E47CE-EF69-4F8F-AB40-5AF2811674CE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", matchCriteriaId: "4752862B-7D26-4285-B8A0-CF082C758353", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", matchCriteriaId: "58EA7199-3373-4F97-9907-3A479A02155E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", matchCriteriaId: "4693BD36-E522-4C8E-9667-8F3E14A05EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", matchCriteriaId: "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AFF96F96-34DB-4EB3-BF59-11220673FA26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", matchCriteriaId: "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "61E008F8-2F01-4DD8-853A-337B4B4163C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", matchCriteriaId: "6A776B25-6AF1-421B-8E47-2A7499F6B4D2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", matchCriteriaId: "701424A2-BB06-44B5-B468-7164E4F95529", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", matchCriteriaId: "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", matchCriteriaId: "8F9A5B7E-33A9-4651-9BE1-371A0064B661", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", matchCriteriaId: "F99252E8-A59C-48E1-B251-718D7FB3E399", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "49E3C039-A949-4F1B-892A-57147EECB249", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", matchCriteriaId: "0A354C34-A3FE-4B8A-9985-8874A0634BC7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "F28C7801-41B9-4552-BA1E-577967BCBBEE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", matchCriteriaId: "CFE300CC-FD4A-444E-8506-E5E269D0A0A5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "25B21085-7259-4685-9D1F-FF98E6489E10", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", matchCriteriaId: "F50A3EC9-516E-48A7-839B-A73F491B5B9F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "635EE321-2A1F-4FF8-95BE-0C26591969D9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", matchCriteriaId: "FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", matchCriteriaId: "C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", matchCriteriaId: "31AB969A-9ACE-44EF-B2E5-CEC008F47C46", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", matchCriteriaId: "06217215-72E4-4478-BACB-628A0836A645", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "9C95ADA4-66F5-45C4-A677-ACE22367A75A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", matchCriteriaId: "EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "11951A10-39A2-4FF5-8C43-DF94730FB794", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", matchCriteriaId: "8B79F2EA-C893-4359-80EC-24AE38D982E5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "351E5BCF-A56B-4D91-BA3C-21A4B77D529A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", matchCriteriaId: "2DC2BBB4-171E-4EFF-A575-A5B7FF031755", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", matchCriteriaId: "6B6B0504-27C1-4824-A928-A878CBBAB32D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", matchCriteriaId: "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", matchCriteriaId: "D903956B-14F5-4177-AF12-0A5F1846D3C4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", matchCriteriaId: "81F847DC-A2F5-456C-9038-16A0E85F4C3B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", matchCriteriaId: "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", matchCriteriaId: "C6B93A3A-D487-4CA1-8257-26F8FE287B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", matchCriteriaId: "BD8802B2-57E0-4AA6-BC8E-00DE60468569", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", matchCriteriaId: "8461DF95-18DC-4BF5-A703-7F19DA88DC30", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", matchCriteriaId: "1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", matchCriteriaId: "2823789C-2CB6-4300-94DB-BDBE83ABA8E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", matchCriteriaId: "C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", matchCriteriaId: "A61429EE-4331-430C-9830-58DCCBCBCB58", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", matchCriteriaId: "31B3593F-CEDF-423C-90F8-F88EED87DC3E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", matchCriteriaId: "AE7862B2-E1FA-4E16-92CD-8918AB461D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", matchCriteriaId: "A9E03BE3-60CC-4415-B993-D0BB00F87A30", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", matchCriteriaId: "CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", matchCriteriaId: "BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", matchCriteriaId: "48E5E8C3-21AD-4230-B945-AB7DE66307B9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", matchCriteriaId: "4945C8C1-C71B-448B-9075-07C6C92599CF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", matchCriteriaId: "ED4730B0-2E09-408B-AFD4-FE00F73700FD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", matchCriteriaId: "B8DE8A8A-7643-4292-BCC1-758AE0940207", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", matchCriteriaId: "E9B54FCD-CF7C-47E2-8513-40419E47AF49", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", matchCriteriaId: "D87EFB6D-B626-469F-907C-40C771A55833", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", matchCriteriaId: "6330B97B-8FC5-4D7E-A960-5D94EDD0C378", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0F8C62EF-1B67-456A-9C66-755439CF8556", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", matchCriteriaId: "33E9607B-4D28-460D-896B-E4B7FA22441E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A819E245-D641-4F19-9139-6C940504F6E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "81A31CA0-A209-4C49-AA06-C38E165E5B68", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", matchCriteriaId: "7205475A-6D04-4042-B24E-1DA5A57029B7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", matchCriteriaId: "08022987-B36B-4F63-88A5-A8F59195DF4A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", matchCriteriaId: "0AA563BF-A67A-477D-956A-167ABEF885C5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", matchCriteriaId: "FF4B7557-EF35-451E-B55D-3296966695AC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8980E61E-27BE-4858-82B3-C0E8128AF521", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", matchCriteriaId: "8756BF9B-3E24-4677-87AE-31CE776541F0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", matchCriteriaId: "88CE057E-2092-4C98-8D0C-75CF439D0A9C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", matchCriteriaId: "8F194580-EE6D-4E38-87F3-F0661262256B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", matchCriteriaId: "A9731BAA-4C6C-4259-B786-F577D8A90FA1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", matchCriteriaId: "1F74A421-D019-4248-84B8-C70D4D9A8A95", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", matchCriteriaId: "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", matchCriteriaId: "05346F5A-FB52-4376-AAC7-9A5308216545", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", matchCriteriaId: "305688F2-50A6-41FB-8614-BC589DB9A789", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", matchCriteriaId: "D24AA431-C436-4AA5-85DF-B9AAFF2548FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", matchCriteriaId: "25966344-15D5-4101-9346-B06BFD2DFFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", matchCriteriaId: "11F4CBAC-27B1-4EFF-955A-A63B457D0578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", matchCriteriaId: "FD55B338-9DBE-4643-ABED-A08964D3AF7C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", matchCriteriaId: "0D4F710E-06EA-48F4-AC6A-6F143950F015", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", matchCriteriaId: "2C4936C2-0B2D-4C44-98C3-443090965F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", matchCriteriaId: "48453405-2319-4327-9F4C-6F70B49452C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", matchCriteriaId: "49DD9544-6424-41A6-AEC0-EC19B8A10E71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", matchCriteriaId: "E4670E65-2E11-49A4-B661-57C2F60D411F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", matchCriteriaId: "5E8FF71D-4710-4FBB-9925-A6A26C450F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", matchCriteriaId: "31002A23-4788-4BC7-AE11-A3C2AA31716D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", matchCriteriaId: "7144EDDF-8265-4642-8EEB-ED52527E0A26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", matchCriteriaId: "DF06B5C1-B9DD-4673-A101-56E1E593ACDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", matchCriteriaId: "7D731065-626B-4425-8E49-F708DD457824", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", matchCriteriaId: "B3D850EA-E537-42C8-93B9-96E15CB26747", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", matchCriteriaId: "E037DA05-2BEF-4F64-B8BB-307247B6A05C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", matchCriteriaId: "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", matchCriteriaId: "D395D95B-1F4A-420E-A0F6-609360AF7B69", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", matchCriteriaId: "9BD221BA-0AB6-4972-8AD9-5D37AC07762F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", matchCriteriaId: "E55B6565-96CB-4F6A-9A80-C3FB82F30546", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", matchCriteriaId: "D3300AFE-49A4-4904-B9A0-5679F09FA01E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", matchCriteriaId: "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", matchCriteriaId: "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", matchCriteriaId: "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", matchCriteriaId: "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", matchCriteriaId: "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", matchCriteriaId: "DA8A7333-B4C3-4876-AE01-62F2FD315504", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", matchCriteriaId: "92993E23-D805-407B-8B87-11CEEE8B212F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", matchCriteriaId: "7A11BD74-305C-41E2-95B1-5008EEF5FA5F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", matchCriteriaId: "595442D0-9DB7-475A-AE30-8535B70E122E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", matchCriteriaId: "4B0BA92A-0BD3-4CE4-9465-95E949104BAC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", matchCriteriaId: "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", matchCriteriaId: "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", matchCriteriaId: "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", matchCriteriaId: "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", matchCriteriaId: "C947E549-2459-4AFB-84A7-36BDA30B5F29", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", matchCriteriaId: "5D55DF79-F9BE-4907-A4D8-96C4B11189ED", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", matchCriteriaId: "14AB5787-82D7-4F78-BE93-4556AB7A7D0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", matchCriteriaId: "F8E9453E-BC9B-4F77-85FA-BA15AC55C245", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", matchCriteriaId: "A7EF0518-73F9-47DB-8946-A8334936BEFF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", matchCriteriaId: "95AA8778-7833-4572-A71B-5FD89938CE94", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", matchCriteriaId: "242E47CE-EF69-4F8F-AB40-5AF2811674CE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", matchCriteriaId: "4752862B-7D26-4285-B8A0-CF082C758353", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", matchCriteriaId: "58EA7199-3373-4F97-9907-3A479A02155E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", matchCriteriaId: "4693BD36-E522-4C8E-9667-8F3E14A05EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", matchCriteriaId: "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AFF96F96-34DB-4EB3-BF59-11220673FA26", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", matchCriteriaId: "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "61E008F8-2F01-4DD8-853A-337B4B4163C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", matchCriteriaId: "6A776B25-6AF1-421B-8E47-2A7499F6B4D2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", matchCriteriaId: "701424A2-BB06-44B5-B468-7164E4F95529", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", matchCriteriaId: "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", matchCriteriaId: "8F9A5B7E-33A9-4651-9BE1-371A0064B661", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", matchCriteriaId: "F99252E8-A59C-48E1-B251-718D7FB3E399", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*", matchCriteriaId: "0FC82871-E47F-4431-AAE0-A714D7D22670", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", }, { lang: "es", value: "La implementación Expression Language (EL) en Apache Tomcat 6.x anterior a 6.0.44, 7.x anterior a 7.0.58, y 8.x anterior a 8.0.16 no considera correctamente la posibilidad de una interfaz accesible implementada por una clase no accesible, lo que permite a atacantes evadir un mecanismo de protección SecurityManager a través de una aplicación web que aprovecha el uso de privilegios incorrectos durante la evaluación EL.", }, ], id: "CVE-2014-7810", lastModified: "2024-11-21T02:18:03.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-07T23:59:03.580", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-6.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3428", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3447", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3530", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/74665", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032330", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2654-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2655-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145974991225029&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1621.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0492.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1644018", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?view=revision&revision=1645642", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-6.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-8.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3428", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3447", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3530", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2654-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2655-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.